cvelistv5 - cve-2025-68183

CVE-2025-68183 (GCVE-0-2025-68183)

Vulnerability from cvelistv5

Published

2025-12-16 13:43

Modified

2025-12-16 13:43

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then writes/removes some other security xattr for the file. For example, on Fedora, after booting the kernel with "ima_appraise=fix evm=fix ima_policy=appraise_tcb" and installing rpm-plugin-ima, installing/reinstalling a package will not make good reference IMA signature generated. Instead IMA hash is generated, # getfattr -m - -d -e hex /usr/bin/bash # file: usr/bin/bash security.ima=0x0404... This happens because when setting security.selinux, the IMA_DIGSIG flag that had been set early was cleared. As a result, IMA hash is generated when the file is closed. Similarly, IMA signature can be cleared on file close after removing security xattr like security.evm or setting/removing ACL. Prevent replacing the IMA file signature with a file hash, by preventing the IMA_DIGSIG flag from being reset. Here's a minimal C reproducer which sets security.selinux as the last step which can also replaced by removing security.evm or setting ACL, #include <stdio.h> #include <sys/xattr.h> #include <fcntl.h> #include <unistd.h> #include <string.h> #include <stdlib.h> int main() { const char* file_path = "/usr/sbin/test_binary"; const char* hex_string = "030204d33204490066306402304"; int length = strlen(hex_string); char* ima_attr_value; int fd; fd = open(file_path, O_WRONLY|O_CREAT|O_EXCL, 0644); if (fd == -1) { perror("Error opening file"); return 1; } ima_attr_value = (char*)malloc(length / 2 ); for (int i = 0, j = 0; i < length; i += 2, j++) { sscanf(hex_string + i, "%2hhx", &ima_attr_value[j]); } if (fsetxattr(fd, "security.ima", ima_attr_value, length/2, 0) == -1) { perror("Error setting extended attribute"); close(fd); return 1; } const char* selinux_value= "system_u:object_r:bin_t:s0"; if (fsetxattr(fd, "security.selinux", selinux_value, strlen(selinux_value), 0) == -1) { perror("Error setting extended attribute"); close(fd); return 1; } close(fd); return 0; }

References

URL

ghsa-w26q-x7h4-9gc5

Vulnerability from github

Published

2025-12-16 15:30

Modified

2025-12-16 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then writes/removes some other security xattr for the file.

For example, on Fedora, after booting the kernel with "ima_appraise=fix evm=fix ima_policy=appraise_tcb" and installing rpm-plugin-ima, installing/reinstalling a package will not make good reference IMA signature generated. Instead IMA hash is generated,

# getfattr -m - -d -e hex /usr/bin/bash
# file: usr/bin/bash
security.ima=0x0404...

This happens because when setting security.selinux, the IMA_DIGSIG flag that had been set early was cleared. As a result, IMA hash is generated when the file is closed.

Similarly, IMA signature can be cleared on file close after removing security xattr like security.evm or setting/removing ACL.

Prevent replacing the IMA file signature with a file hash, by preventing the IMA_DIGSIG flag from being reset.

Here's a minimal C reproducer which sets security.selinux as the last step which can also replaced by removing security.evm or setting ACL,

#include <stdio.h>
#include <sys/xattr.h>
#include <fcntl.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>

int main() {
    const char* file_path = "/usr/sbin/test_binary";
    const char* hex_string = "030204d33204490066306402304";
    int length = strlen(hex_string);
    char* ima_attr_value;
    int fd;

    fd = open(file_path, O_WRONLY|O_CREAT|O_EXCL, 0644);
    if (fd == -1) {
        perror("Error opening file");
        return 1;
    }

    ima_attr_value = (char*)malloc(length / 2 );
    for (int i = 0, j = 0; i < length; i += 2, j++) {
        sscanf(hex_string + i, "%2hhx", &ima_attr_value[j]);
    }

    if (fsetxattr(fd, "security.ima", ima_attr_value, length/2, 0) == -1) {
        perror("Error setting extended attribute");
        close(fd);
        return 1;
    }

    const char* selinux_value= "system_u:object_r:bin_t:s0";
    if (fsetxattr(fd, "security.selinux", selinux_value, strlen(selinux_value), 0) == -1) {
        perror("Error setting extended attribute");
        close(fd);
        return 1;
    }

    close(fd);

    return 0;
}

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-68183"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-16T14:15:50Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: don\u0027t clear IMA_DIGSIG flag when setting or removing non-IMA xattr\n\nCurrently when both IMA and EVM are in fix mode, the IMA signature will\nbe reset to IMA hash if a program first stores IMA signature in\nsecurity.ima and then writes/removes some other security xattr for the\nfile.\n\nFor example, on Fedora, after booting the kernel with \"ima_appraise=fix\nevm=fix ima_policy=appraise_tcb\" and installing rpm-plugin-ima,\ninstalling/reinstalling a package will not make good reference IMA\nsignature generated. Instead IMA hash is generated,\n\n    # getfattr -m - -d -e hex /usr/bin/bash\n    # file: usr/bin/bash\n    security.ima=0x0404...\n\nThis happens because when setting security.selinux, the IMA_DIGSIG flag\nthat had been set early was cleared. As a result, IMA hash is generated\nwhen the file is closed.\n\nSimilarly, IMA signature can be cleared on file close after removing\nsecurity xattr like security.evm or setting/removing ACL.\n\nPrevent replacing the IMA file signature with a file hash, by preventing\nthe IMA_DIGSIG flag from being reset.\n\nHere\u0027s a minimal C reproducer which sets security.selinux as the last\nstep which can also replaced by removing security.evm or setting ACL,\n\n    #include \u003cstdio.h\u003e\n    #include \u003csys/xattr.h\u003e\n    #include \u003cfcntl.h\u003e\n    #include \u003cunistd.h\u003e\n    #include \u003cstring.h\u003e\n    #include \u003cstdlib.h\u003e\n\n    int main() {\n        const char* file_path = \"/usr/sbin/test_binary\";\n        const char* hex_string = \"030204d33204490066306402304\";\n        int length = strlen(hex_string);\n        char* ima_attr_value;\n        int fd;\n\n        fd = open(file_path, O_WRONLY|O_CREAT|O_EXCL, 0644);\n        if (fd == -1) {\n            perror(\"Error opening file\");\n            return 1;\n        }\n\n        ima_attr_value = (char*)malloc(length / 2 );\n        for (int i = 0, j = 0; i \u003c length; i += 2, j++) {\n            sscanf(hex_string + i, \"%2hhx\", \u0026ima_attr_value[j]);\n        }\n\n        if (fsetxattr(fd, \"security.ima\", ima_attr_value, length/2, 0) == -1) {\n            perror(\"Error setting extended attribute\");\n            close(fd);\n            return 1;\n        }\n\n        const char* selinux_value= \"system_u:object_r:bin_t:s0\";\n        if (fsetxattr(fd, \"security.selinux\", selinux_value, strlen(selinux_value), 0) == -1) {\n            perror(\"Error setting extended attribute\");\n            close(fd);\n            return 1;\n        }\n\n        close(fd);\n\n        return 0;\n    }",
  "id": "GHSA-w26q-x7h4-9gc5",
  "modified": "2025-12-16T15:30:44Z",
  "published": "2025-12-16T15:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68183"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02aa671c08a4834bef5166743a7b88686fbfa023"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/88b4cbcf6b041ae0f2fc8a34554a5b6a83a2b7cd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d2993a7e98eb70c737c6f5365a190e79c72b8407"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/edd824eb45e4f7e05ad3ab090dab6dbdb79cd292"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

wid-sec-w-2025-2868

Vulnerability from csaf_certbund

Published

2025-12-16 23:00

Modified

2025-12-21 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2868 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2868.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2868 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2868"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40346",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-40346-623f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40347",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-40347-275c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40348",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-40348-4387@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40349",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-40349-82c6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40350",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-40350-577e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40351",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-40351-55f8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40352",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-40352-3fa5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40353",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-40353-fb93@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40354",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-40354-b9bd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40355",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-40355-7b3b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40356",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-40356-27b8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40357",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-40357-67de@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40358",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-40358-9963@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40359",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-40359-143c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40360",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-40360-28d0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40361",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-40361-50ca@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40362",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-40362-c4d6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-40363",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-40363-bbdd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68167",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121627-CVE-2025-68167-a6eb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68168",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121627-CVE-2025-68168-7341@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68169",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121628-CVE-2025-68169-1e23@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68170",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121628-CVE-2025-68170-6a22@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68171",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121628-CVE-2025-68171-d43d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68172",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68172-3d84@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68173",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68173-788c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68174",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68174-84da@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68175",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121629-CVE-2025-68175-d545@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68176",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68176-4be5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68177",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68177-5af8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68178",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68178-6a73@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68179",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68179-6ce9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68180",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68180-385e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68181",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68181-57dd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68182",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68182-87b4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68183",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68183-f588@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68184",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68184-602a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68185",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68185-6db0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68186",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68186-8a42@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68187",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68187-630c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68188",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68188-5392@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68189",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68189-c9b6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68190",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68190-e648@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68191",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68191-ec54@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68192",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68192-4491@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68193",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68193-2474@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68194",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68194-2b2f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68195",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68195-98fc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68196",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68196-5e6e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68197",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-68197-5624@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68198",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121627-CVE-2025-68198-2638@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68199",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68199-c244@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68200",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68200-3bbb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68201",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68201-d175@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68202",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68202-f008@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68203",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68203-7510@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68204",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68204-8659@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68205",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68205-6672@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68206",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68206-47ba@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68207",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68207-c0f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68208",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68208-d2fc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68209",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68209-2e49@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68210",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68210-c4b9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68211",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68211-180a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68212",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68212-eab7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68213",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68213-2d63@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68214",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68214-1871@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68215",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68215-ee77@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68216",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121631-CVE-2025-68216-405a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68217",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68217-896e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68218",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68218-4aee@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68219",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68219-f9c4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68220",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68220-9526@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68221",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68221-7f16@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68222",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68222-1d22@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68223",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68223-4e44@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68224",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68224-37da@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68225",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68225-bfd3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68226",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68226-6559@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68227",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68227-930f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68228",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68228-43e1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68229",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68229-8958@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68230",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68230-a9be@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68231",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121636-CVE-2025-68231-74ba@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68232",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121617-CVE-2025-68232-3ea7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68233",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121617-CVE-2025-68233-1595@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68234",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121617-CVE-2025-68234-5ab4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68235",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68235-2837@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68236",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68236-d2fe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68237",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68237-7f03@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68238",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68238-fd37@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68239",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121630-CVE-2025-68239-f7a4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68240",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68240-03ff@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68241",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68241-854d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68242",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121632-CVE-2025-68242-45e0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68243",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68243-cdd0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68244",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68244-9dbc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68245",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121633-CVE-2025-68245-4e60@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68246",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68246-7c3d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68247",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121634-CVE-2025-68247-9661@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68248",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121623-CVE-2025-68248-2695@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68249",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121623-CVE-2025-68249-f6bc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68250",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121623-CVE-2025-68250-9b9c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68251",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121624-CVE-2025-68251-782f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68252",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121624-CVE-2025-68252-5763@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68253",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121624-CVE-2025-68253-7e3c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68254",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121610-CVE-2025-68254-b745@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68255",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121612-CVE-2025-68255-3994@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68256",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121612-CVE-2025-68256-5ed2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68257",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121613-CVE-2025-68257-3579@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68258",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121613-CVE-2025-68258-9a76@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68259",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121613-CVE-2025-68259-16e3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68260",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121614-CVE-2025-68260-558d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68261",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121614-CVE-2025-68261-4e23@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68262",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121614-CVE-2025-68262-8492@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68263",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121615-CVE-2025-68263-9c03@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68264",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121615-CVE-2025-68264-6768@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68265",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121609-CVE-2025-68265-4800@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68266",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121609-CVE-2025-68266-d334@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68281",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68281-4fa1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68282",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121635-CVE-2025-68282-641e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68283",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-68283-77dd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68284",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121637-CVE-2025-68284-132f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68285",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-68285-8339@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68286",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-68286-cda3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68287",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121638-CVE-2025-68287-5647@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68288",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121639-CVE-2025-68288-c606@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68289",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121639-CVE-2025-68289-1efe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68290",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121639-CVE-2025-68290-e13c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68291",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68291-4649@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68292",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68292-434b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68293",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121640-CVE-2025-68293-ea76@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68294",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121641-CVE-2025-68294-fcd2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68295",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121641-CVE-2025-68295-89cb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68296",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121641-CVE-2025-68296-c946@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68297",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121642-CVE-2025-68297-1f6e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68298",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121642-CVE-2025-68298-40ed@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68299",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121642-CVE-2025-68299-411f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68300",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68300-ec22@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68301",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68301-be31@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68302",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68302-913d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68303",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-68303-2c61@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68304",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-68304-9ae7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68305",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121644-CVE-2025-68305-e40b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68306",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-68306-e034@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68307",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-68307-5e9b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68308",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121645-CVE-2025-68308-5dc4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68309",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121651-CVE-2025-68309-1029@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68310",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121653-CVE-2025-68310-e0fc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68311",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121654-CVE-2025-68311-c43d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68312",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121654-CVE-2025-68312-63bb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68313",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121654-CVE-2025-68313-c65d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68314",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121655-CVE-2025-68314-847b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68315",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121655-CVE-2025-68315-158d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68316",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121655-CVE-2025-68316-fe36@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68317",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121656-CVE-2025-68317-28c8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68318",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121656-CVE-2025-68318-5c94@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68319",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121656-CVE-2025-68319-6b7f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68320",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121622-CVE-2025-68320-4e08@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68321",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121622-CVE-2025-68321-72b0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-68322",
        "url": "https://lore.kernel.org/linux-cve-announce/2025121622-CVE-2025-68322-b034@gregkh/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15836-1 vom 2025-12-21",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/53M4O7COKUKFXHXPCFMZDFAEZFGUL66A/"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-12-21T23:00:00.000+00:00",
      "generator": {
        "date": "2025-12-22T08:55:39.567+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-2868",
      "initial_release_date": "2025-12-16T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-12-16T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-12-21T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von openSUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T049490",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-1000204",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2018-1000204"
    },
    {
      "cve": "CVE-2025-40346",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40346"
    },
    {
      "cve": "CVE-2025-40347",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40347"
    },
    {
      "cve": "CVE-2025-40348",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40348"
    },
    {
      "cve": "CVE-2025-40349",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40349"
    },
    {
      "cve": "CVE-2025-40350",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40350"
    },
    {
      "cve": "CVE-2025-40351",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40351"
    },
    {
      "cve": "CVE-2025-40352",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40352"
    },
    {
      "cve": "CVE-2025-40353",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40353"
    },
    {
      "cve": "CVE-2025-40354",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40354"
    },
    {
      "cve": "CVE-2025-40355",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40355"
    },
    {
      "cve": "CVE-2025-40356",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40356"
    },
    {
      "cve": "CVE-2025-40357",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40357"
    },
    {
      "cve": "CVE-2025-40358",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40358"
    },
    {
      "cve": "CVE-2025-40359",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40359"
    },
    {
      "cve": "CVE-2025-40360",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40360"
    },
    {
      "cve": "CVE-2025-40361",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40361"
    },
    {
      "cve": "CVE-2025-40362",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40362"
    },
    {
      "cve": "CVE-2025-40363",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-40363"
    },
    {
      "cve": "CVE-2025-68167",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68167"
    },
    {
      "cve": "CVE-2025-68168",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68168"
    },
    {
      "cve": "CVE-2025-68169",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68169"
    },
    {
      "cve": "CVE-2025-68170",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68170"
    },
    {
      "cve": "CVE-2025-68171",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68171"
    },
    {
      "cve": "CVE-2025-68172",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68172"
    },
    {
      "cve": "CVE-2025-68173",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68173"
    },
    {
      "cve": "CVE-2025-68174",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68174"
    },
    {
      "cve": "CVE-2025-68175",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68175"
    },
    {
      "cve": "CVE-2025-68176",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68176"
    },
    {
      "cve": "CVE-2025-68177",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68177"
    },
    {
      "cve": "CVE-2025-68178",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68178"
    },
    {
      "cve": "CVE-2025-68179",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68179"
    },
    {
      "cve": "CVE-2025-68180",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68180"
    },
    {
      "cve": "CVE-2025-68181",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68181"
    },
    {
      "cve": "CVE-2025-68182",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68182"
    },
    {
      "cve": "CVE-2025-68183",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68183"
    },
    {
      "cve": "CVE-2025-68184",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68184"
    },
    {
      "cve": "CVE-2025-68185",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68185"
    },
    {
      "cve": "CVE-2025-68186",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68186"
    },
    {
      "cve": "CVE-2025-68187",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68187"
    },
    {
      "cve": "CVE-2025-68188",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68188"
    },
    {
      "cve": "CVE-2025-68189",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68189"
    },
    {
      "cve": "CVE-2025-68190",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68190"
    },
    {
      "cve": "CVE-2025-68191",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68191"
    },
    {
      "cve": "CVE-2025-68192",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68192"
    },
    {
      "cve": "CVE-2025-68193",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68193"
    },
    {
      "cve": "CVE-2025-68194",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68194"
    },
    {
      "cve": "CVE-2025-68195",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68195"
    },
    {
      "cve": "CVE-2025-68196",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68196"
    },
    {
      "cve": "CVE-2025-68197",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68197"
    },
    {
      "cve": "CVE-2025-68198",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68198"
    },
    {
      "cve": "CVE-2025-68199",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68199"
    },
    {
      "cve": "CVE-2025-68200",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68200"
    },
    {
      "cve": "CVE-2025-68201",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68201"
    },
    {
      "cve": "CVE-2025-68202",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68202"
    },
    {
      "cve": "CVE-2025-68203",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68203"
    },
    {
      "cve": "CVE-2025-68204",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68204"
    },
    {
      "cve": "CVE-2025-68205",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68205"
    },
    {
      "cve": "CVE-2025-68206",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68206"
    },
    {
      "cve": "CVE-2025-68207",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68207"
    },
    {
      "cve": "CVE-2025-68208",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68208"
    },
    {
      "cve": "CVE-2025-68209",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68209"
    },
    {
      "cve": "CVE-2025-68210",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68210"
    },
    {
      "cve": "CVE-2025-68211",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68211"
    },
    {
      "cve": "CVE-2025-68212",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68212"
    },
    {
      "cve": "CVE-2025-68213",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68213"
    },
    {
      "cve": "CVE-2025-68214",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68214"
    },
    {
      "cve": "CVE-2025-68215",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68215"
    },
    {
      "cve": "CVE-2025-68216",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68216"
    },
    {
      "cve": "CVE-2025-68217",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68217"
    },
    {
      "cve": "CVE-2025-68218",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68218"
    },
    {
      "cve": "CVE-2025-68219",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68219"
    },
    {
      "cve": "CVE-2025-68220",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68220"
    },
    {
      "cve": "CVE-2025-68221",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68221"
    },
    {
      "cve": "CVE-2025-68222",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68222"
    },
    {
      "cve": "CVE-2025-68223",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68223"
    },
    {
      "cve": "CVE-2025-68224",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68224"
    },
    {
      "cve": "CVE-2025-68225",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68225"
    },
    {
      "cve": "CVE-2025-68226",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68226"
    },
    {
      "cve": "CVE-2025-68227",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68227"
    },
    {
      "cve": "CVE-2025-68228",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68228"
    },
    {
      "cve": "CVE-2025-68229",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68229"
    },
    {
      "cve": "CVE-2025-68230",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68230"
    },
    {
      "cve": "CVE-2025-68231",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68231"
    },
    {
      "cve": "CVE-2025-68232",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68232"
    },
    {
      "cve": "CVE-2025-68233",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68233"
    },
    {
      "cve": "CVE-2025-68234",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68234"
    },
    {
      "cve": "CVE-2025-68235",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68235"
    },
    {
      "cve": "CVE-2025-68236",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68236"
    },
    {
      "cve": "CVE-2025-68237",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68237"
    },
    {
      "cve": "CVE-2025-68238",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68238"
    },
    {
      "cve": "CVE-2025-68239",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68239"
    },
    {
      "cve": "CVE-2025-68240",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68240"
    },
    {
      "cve": "CVE-2025-68241",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68241"
    },
    {
      "cve": "CVE-2025-68242",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68242"
    },
    {
      "cve": "CVE-2025-68243",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68243"
    },
    {
      "cve": "CVE-2025-68244",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68244"
    },
    {
      "cve": "CVE-2025-68245",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68245"
    },
    {
      "cve": "CVE-2025-68246",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68246"
    },
    {
      "cve": "CVE-2025-68247",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68247"
    },
    {
      "cve": "CVE-2025-68248",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68248"
    },
    {
      "cve": "CVE-2025-68249",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68249"
    },
    {
      "cve": "CVE-2025-68250",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68250"
    },
    {
      "cve": "CVE-2025-68251",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68251"
    },
    {
      "cve": "CVE-2025-68252",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68252"
    },
    {
      "cve": "CVE-2025-68253",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68253"
    },
    {
      "cve": "CVE-2025-68254",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68254"
    },
    {
      "cve": "CVE-2025-68255",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68255"
    },
    {
      "cve": "CVE-2025-68256",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68256"
    },
    {
      "cve": "CVE-2025-68257",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68257"
    },
    {
      "cve": "CVE-2025-68258",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68258"
    },
    {
      "cve": "CVE-2025-68259",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68259"
    },
    {
      "cve": "CVE-2025-68260",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68260"
    },
    {
      "cve": "CVE-2025-68261",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68261"
    },
    {
      "cve": "CVE-2025-68262",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68262"
    },
    {
      "cve": "CVE-2025-68263",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68263"
    },
    {
      "cve": "CVE-2025-68264",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68264"
    },
    {
      "cve": "CVE-2025-68265",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68265"
    },
    {
      "cve": "CVE-2025-68266",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68266"
    },
    {
      "cve": "CVE-2025-68281",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68281"
    },
    {
      "cve": "CVE-2025-68282",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68282"
    },
    {
      "cve": "CVE-2025-68283",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68283"
    },
    {
      "cve": "CVE-2025-68284",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68284"
    },
    {
      "cve": "CVE-2025-68285",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68285"
    },
    {
      "cve": "CVE-2025-68286",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68286"
    },
    {
      "cve": "CVE-2025-68287",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68287"
    },
    {
      "cve": "CVE-2025-68288",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68288"
    },
    {
      "cve": "CVE-2025-68289",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68289"
    },
    {
      "cve": "CVE-2025-68290",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68290"
    },
    {
      "cve": "CVE-2025-68291",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68291"
    },
    {
      "cve": "CVE-2025-68292",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68292"
    },
    {
      "cve": "CVE-2025-68293",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68293"
    },
    {
      "cve": "CVE-2025-68294",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68294"
    },
    {
      "cve": "CVE-2025-68295",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68295"
    },
    {
      "cve": "CVE-2025-68296",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68296"
    },
    {
      "cve": "CVE-2025-68297",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68297"
    },
    {
      "cve": "CVE-2025-68298",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68298"
    },
    {
      "cve": "CVE-2025-68299",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68299"
    },
    {
      "cve": "CVE-2025-68300",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68300"
    },
    {
      "cve": "CVE-2025-68301",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68301"
    },
    {
      "cve": "CVE-2025-68302",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68302"
    },
    {
      "cve": "CVE-2025-68303",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68303"
    },
    {
      "cve": "CVE-2025-68304",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68304"
    },
    {
      "cve": "CVE-2025-68305",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68305"
    },
    {
      "cve": "CVE-2025-68306",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68306"
    },
    {
      "cve": "CVE-2025-68307",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68307"
    },
    {
      "cve": "CVE-2025-68308",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68308"
    },
    {
      "cve": "CVE-2025-68309",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68309"
    },
    {
      "cve": "CVE-2025-68310",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68310"
    },
    {
      "cve": "CVE-2025-68311",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68311"
    },
    {
      "cve": "CVE-2025-68312",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68312"
    },
    {
      "cve": "CVE-2025-68313",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68313"
    },
    {
      "cve": "CVE-2025-68314",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68314"
    },
    {
      "cve": "CVE-2025-68315",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68315"
    },
    {
      "cve": "CVE-2025-68316",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68316"
    },
    {
      "cve": "CVE-2025-68317",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68317"
    },
    {
      "cve": "CVE-2025-68318",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68318"
    },
    {
      "cve": "CVE-2025-68319",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68319"
    },
    {
      "cve": "CVE-2025-68320",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68320"
    },
    {
      "cve": "CVE-2025-68321",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68321"
    },
    {
      "cve": "CVE-2025-68322",
      "product_status": {
        "known_affected": [
          "T049490",
          "T027843"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-68322"
    }
  ]
}

fkie_cve-2025-68183

Vulnerability from fkie_nvd

Published

2025-12-16 14:15

Modified

2025-12-18 15:08

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/02aa671c08a4834bef5166743a7b88686fbfa023
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/88b4cbcf6b041ae0f2fc8a34554a5b6a83a2b7cd
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d2993a7e98eb70c737c6f5365a190e79c72b8407
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/edd824eb45e4f7e05ad3ab090dab6dbdb79cd292

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: don\u0027t clear IMA_DIGSIG flag when setting or removing non-IMA xattr\n\nCurrently when both IMA and EVM are in fix mode, the IMA signature will\nbe reset to IMA hash if a program first stores IMA signature in\nsecurity.ima and then writes/removes some other security xattr for the\nfile.\n\nFor example, on Fedora, after booting the kernel with \"ima_appraise=fix\nevm=fix ima_policy=appraise_tcb\" and installing rpm-plugin-ima,\ninstalling/reinstalling a package will not make good reference IMA\nsignature generated. Instead IMA hash is generated,\n\n    # getfattr -m - -d -e hex /usr/bin/bash\n    # file: usr/bin/bash\n    security.ima=0x0404...\n\nThis happens because when setting security.selinux, the IMA_DIGSIG flag\nthat had been set early was cleared. As a result, IMA hash is generated\nwhen the file is closed.\n\nSimilarly, IMA signature can be cleared on file close after removing\nsecurity xattr like security.evm or setting/removing ACL.\n\nPrevent replacing the IMA file signature with a file hash, by preventing\nthe IMA_DIGSIG flag from being reset.\n\nHere\u0027s a minimal C reproducer which sets security.selinux as the last\nstep which can also replaced by removing security.evm or setting ACL,\n\n    #include \u003cstdio.h\u003e\n    #include \u003csys/xattr.h\u003e\n    #include \u003cfcntl.h\u003e\n    #include \u003cunistd.h\u003e\n    #include \u003cstring.h\u003e\n    #include \u003cstdlib.h\u003e\n\n    int main() {\n        const char* file_path = \"/usr/sbin/test_binary\";\n        const char* hex_string = \"030204d33204490066306402304\";\n        int length = strlen(hex_string);\n        char* ima_attr_value;\n        int fd;\n\n        fd = open(file_path, O_WRONLY|O_CREAT|O_EXCL, 0644);\n        if (fd == -1) {\n            perror(\"Error opening file\");\n            return 1;\n        }\n\n        ima_attr_value = (char*)malloc(length / 2 );\n        for (int i = 0, j = 0; i \u003c length; i += 2, j++) {\n            sscanf(hex_string + i, \"%2hhx\", \u0026ima_attr_value[j]);\n        }\n\n        if (fsetxattr(fd, \"security.ima\", ima_attr_value, length/2, 0) == -1) {\n            perror(\"Error setting extended attribute\");\n            close(fd);\n            return 1;\n        }\n\n        const char* selinux_value= \"system_u:object_r:bin_t:s0\";\n        if (fsetxattr(fd, \"security.selinux\", selinux_value, strlen(selinux_value), 0) == -1) {\n            perror(\"Error setting extended attribute\");\n            close(fd);\n            return 1;\n        }\n\n        close(fd);\n\n        return 0;\n    }"
    }
  ],
  "id": "CVE-2025-68183",
  "lastModified": "2025-12-18T15:08:25.907",
  "metrics": {},
  "published": "2025-12-16T14:15:50.880",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/02aa671c08a4834bef5166743a7b88686fbfa023"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/88b4cbcf6b041ae0f2fc8a34554a5b6a83a2b7cd"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d2993a7e98eb70c737c6f5365a190e79c72b8407"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/edd824eb45e4f7e05ad3ab090dab6dbdb79cd292"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-68183 (GCVE-0-2025-68183)

Vulnerability from cvelistv5

ghsa-w26q-x7h4-9gc5

Vulnerability from github

wid-sec-w-2025-2868

Vulnerability from csaf_certbund

fkie_cve-2025-68183

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature