CVE-2025-1272
Kernel: secure boot does not automatically enable kernel lockdown
| CVSS Score | 7.7 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
In Fedora Linux kernels from version 6.12 onward, the Linux kernel lockdown mode is disabled without any warning. This may allow an attacker to gain access to sensitive information such as kernel memory mappings, I/O ports, BPF and kprobes. Additionally, unsigned modules can be loaded, leading to execution of untrusted code and breaking any Secure Boot protection. This vulnerability affects only Fedora Linux.
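A host-side check for the condition described above, as an added example that is not part of the advisory: it reads the Secure Boot EFI variable and the kernel's lockdown state, and flags a host where Secure Boot is enabled but the active lockdown mode is `none`. The function names are hypothetical; the two paths are the standard efivarfs and securityfs locations.

```shell
#!/bin/sh
# Added example: flags the state this CVE describes (Secure Boot on, lockdown off).
# Function names are hypothetical; the paths are the standard kernel interfaces.
LOCKDOWN_FILE=/sys/kernel/security/lockdown
SB_EFIVAR=/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c

# The kernel lists every mode and brackets the active one,
# e.g. "[none] integrity confidentiality". Prints the bracketed word, or nothing.
active_lockdown() {
    printf '%s\n' "$1" | sed -n 's/.*\[\([a-z]*\)\].*/\1/p'
}

# An efivarfs file holds 4 attribute bytes followed by the data; the SecureBoot
# data is one byte (1 = enabled). Prints enabled, disabled or unknown.
secure_boot_state() {
    [ -r "$1" ] || { echo unknown; return 0; }
    val=$(od -An -tu1 -j4 -N1 "$1" | tr -d ' \n')
    case "$val" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Combine both facts into a verdict.
# $1 = Secure Boot state, $2 = active lockdown mode (may be empty).
assess() {
    case "$1:$2" in
        enabled:none) echo EXPOSED ;;
        enabled:integrity|enabled:confidentiality) echo OK ;;
        disabled:*) echo NOT_APPLICABLE ;;
        *) echo UNKNOWN ;;
    esac
}

# Read the live host state; missing or unreadable files yield UNKNOWN.
check_host() {
    raw=$(cat "$LOCKDOWN_FILE" 2>/dev/null || true)
    mode=$(active_lockdown "$raw")
    sb=$(secure_boot_state "$SB_EFIVAR")
    echo "secure_boot=$sb lockdown=${mode:-unreadable} verdict=$(assess "$sb" "$mode")"
}

check_host
```

A verdict of `EXPOSED` on a kernel inside the affected ranges listed on this page means the lockdown restrictions described above are not in force even though Secure Boot is on.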
| Vendor | fedora project |
| Product | fedora linux |
| Published | Feb 18, 2026 |
| Last Updated | Feb 26, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | High |
| User Interaction | Required |
| Scope | Changed |
| Confidentiality | High |
| Integrity | High |
| Availability | High |
Affected Versions
| Fedora Project / Fedora Linux | 6.12.4-100.fc40 < 6.12.15-100.fc40 |
| Fedora Project / Fedora Linux | 6.12.1-200.fc41 < 6.12.15-200.fc41 |
| Red Hat / Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 10 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 6 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 7 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 7 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4 | All versions affected |
References
Credits
Red Hat would like to thank Nicolas Bouchinet (ANSSI - French Cybersecurity Agency) for reporting this issue.