Linux Kernel NFS Vulnerability Affecting Timestamp Delegation
CVE-2025-68242
What is CVE-2025-68242?
A vulnerability in the Linux kernel's Network File System (NFS) code affects the handling of delegated timestamps. The issue shows up when running the tests 'utimes01' and 'utime06', which fail due to improper permission checks when the 'nobody' user ID is used. The cause is that the nfs_setattr function does not verify the inode's UID against the caller's fsuid, potentially allowing unauthorized modifications to the atime and mtime fields. A patch adds this UID verification step, so that requests lacking appropriate permissions are sent to the server for approval, which hardens the NFS delegation process.
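The decision described above, as an added example in C that is not the kernel's code and not part of the original page: a simplified userspace model with hypothetical names (file_model, server_set_mtime, client_set_mtime_before, client_set_mtime_after), assuming the server's check reduces to "only the owner may set explicit times". It shows a non-owner request being applied locally under delegation without the UID check, and being refused by the server once the check is in place.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Simplified userspace model; every name here is hypothetical. */
struct file_model {
    uid_t owner;        /* inode UID */
    bool  ts_delegated; /* timestamps are delegated for this inode */
    long  mtime;
};

/* Assumed server rule: only the owner may set explicit timestamps. */
static int server_set_mtime(struct file_model *f, uid_t fsuid, long t)
{
    if (fsuid != f->owner)
        return -EPERM;
    f->mtime = t;
    return 0;
}

/* Without the UID check: delegation alone lets the change apply locally. */
static int client_set_mtime_before(struct file_model *f, uid_t fsuid, long t)
{
    if (f->ts_delegated) {
        f->mtime = t;
        return 0;
    }
    return server_set_mtime(f, fsuid, t);
}

/* With the UID check: local only if fsuid matches the inode UID. */
static int client_set_mtime_after(struct file_model *f, uid_t fsuid, long t)
{
    if (f->ts_delegated && fsuid == f->owner) {
        f->mtime = t;
        return 0;
    }
    return server_set_mtime(f, fsuid, t);
}

int main(void)
{
    /* Constructed sample: file owned by UID 0, caller is "nobody" (65534). */
    struct file_model a = { 0, true, 100 }, b = { 0, true, 100 };
    int rc_a = client_set_mtime_before(&a, 65534, 1);
    int rc_b = client_set_mtime_after(&b, 65534, 1);
    printf("before: rc=%d mtime=%ld\nafter: rc=%d mtime=%ld\n", rc_a, a.mtime, rc_b, b.mtime);
    return 0;
}
```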
Affected Version(s)
Linux e12912d94137ab36ee704a91f465ff15c8b423da
Linux e12912d94137ab36ee704a91f465ff15c8b423da < 0e9be902041c6b9f0ed4b72764187eed1067a42f
Linux e12912d94137ab36ee704a91f465ff15c8b423da