NuytsTech Security

CVE-2025-68185

by ·

In the Linux kernel, the following vulnerability has been resolved:

nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing

Theoretically it’s an oopsable race, but I don’t believe one can manage
to hit it on real hardware; might become doable on a KVM, but it still
won’t be easy to attack.

Anyway, it’s easy to deal with – since xdr_encode_hyper() is just a call of
put_unaligned_be64(), we can put that under ->d_lock and be done with that.

More information : https://git.kernel.org/stable/c/40be5b9080114f18b0cea386db415b68a7273c1a

Tags: