CVE-2025-68242

UNKNOWN 0.0

NFS: Fix LTP test failures when timestamps are delegated

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The problem can be reproduced as follow: # echo "/media *(rw,no_root_squash,sync)" >> /etc/exports # export -ra # mount -o rw,nfsvers=4.2 127.0.0.1:/media /tmpdir # cd /opt/ltp # ./runltp -d /tmpdir -s utimes01 # ./runltp -d /tmpdir -s utime06 This issue occurs because nfs_setattr does not verify the inode's UID against the caller's fsuid when delegated timestamps are permitted for the inode. This patch adds the UID check and if it does not match then the request is sent to the server for permission checking.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Dec 16, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

e12912d94137ab36ee704a91f465ff15c8b423da < b2e4cda71ed062c87573b016d2d956a62f4258ed e12912d94137ab36ee704a91f465ff15c8b423da < 0e9be902041c6b9f0ed4b72764187eed1067a42f e12912d94137ab36ee704a91f465ff15c8b423da < b623390045a81fc559decb9bfeb79319721d3dfb

Linux / Linux

6.11

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/b2e4cda71ed062c87573b016d2d956a62f4258ed git.kernel.org: https://git.kernel.org/stable/c/0e9be902041c6b9f0ed4b72764187eed1067a42f git.kernel.org: https://git.kernel.org/stable/c/b623390045a81fc559decb9bfeb79319721d3dfb