TLS Certificate Matching Vulnerability in Linux Kernel for NFS Clients
CVE-2025-68243
Currently unrated
What is CVE-2025-68243?
A vulnerability exists in the Linux kernel related to NFS clients, specifically in the handling of TLS certificates. When the TLS security policy is set to RPC_XPRTSEC_TLS_X509, it is crucial for the cert_serial and privkey_serial fields to match. These fields uniquely define the client's identity as recognized by the server. Failure to ensure this matching can lead to misidentification and potential security risks in communications between NFS clients and servers.
Affected Version(s)
Linux 90c9550a8d65fb9b1bf87baf97a04ed91bf61b33
Linux 90c9550a8d65fb9b1bf87baf97a04ed91bf61b33
Linux 6.17