Description

In the Linux kernel, the following vulnerability has been resolved:

fs: Fix uninitialized 'offp' in statmount_string()

In statmount_string(), most flags assign an output offset pointer (offp) which is later updated with the string offset. However, the STATMOUNT_MNT_UIDMAP and STATMOUNT_MNT_GIDMAP cases directly set the struct fields instead of using offp. This leaves offp uninitialized, leading to a possible uninitialized dereference when *offp is updated.

Fix it by assigning offp for UIDMAP and GIDMAP as well, keeping the code path consistent.
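A user-space model of the pattern described above, added here as an illustration and not taken from the kernel source or the fix commits. Every name in it (model_reply, model_flag, pick_offp_before, pick_offp_after, emit_string) and the struct layout are hypothetical; the pre-fix variant starts the pointer at NULL only so the missing assignment can be observed safely.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* User-space model only: names and layout are hypothetical, not kernel code. */
enum model_flag { MODEL_FS_TYPE, MODEL_UIDMAP, MODEL_GIDMAP };

struct model_reply {
    uint32_t fs_type, uidmap, gidmap; /* offsets of each string in str[] */
    char str[64];
};

/* Pre-fix shape: two arms write the field directly and never assign offp.
 * The model starts offp at NULL so the gap is observable; in the bug the
 * page describes, the pointer is uninitialized instead. */
static uint32_t *pick_offp_before(struct model_reply *r, enum model_flag f,
                                  uint32_t start)
{
    uint32_t *offp = NULL;
    switch (f) {
    case MODEL_FS_TYPE: offp = &r->fs_type; break;
    case MODEL_UIDMAP:  r->uidmap = start;  break;
    case MODEL_GIDMAP:  r->gidmap = start;  break;
    }
    return offp;
}

/* Post-fix shape: every arm assigns offp, so the common tail is always safe. */
static uint32_t *pick_offp_after(struct model_reply *r, enum model_flag f)
{
    switch (f) {
    case MODEL_FS_TYPE: return &r->fs_type;
    case MODEL_UIDMAP:  return &r->uidmap;
    case MODEL_GIDMAP:  return &r->gidmap;
    }
    return NULL; /* unknown flag: caller must reject */
}

/* Common tail: append text at *used, then publish its offset through offp.
 * Returns 0 on success, -1 on unknown flag or overflow. */
static int emit_string(struct model_reply *r, enum model_flag f,
                       size_t *used, const char *text)
{
    size_t len = strlen(text) + 1;
    uint32_t *offp = pick_offp_after(r, f);
    if (!offp || len > sizeof(r->str) - *used)
        return -1;
    memcpy(r->str + *used, text, len);
    *offp = (uint32_t)*used;
    *used += len;
    return 0;
}
```

Compilers can flag the pre-fix shape when the pointer has no initializer: GCC's -Wmaybe-uninitialized and Clang's -Wsometimes-uninitialized both target switch arms that skip an assignment.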

PUBLISHED Reserved 2025-12-16 | Published 2025-12-16 | Updated 2025-12-16 | Assigner Linux

Product status

Default status
unaffected

e52e97f09fb66fd868260d05bd6b74a9a3db39ee (git) before acfde9400e611c8d2668f1c70053c4a1d6ecfc36
affected

e52e97f09fb66fd868260d05bd6b74a9a3db39ee (git) before 0778ac7df5137d5041783fadfc201f8fd55a1d9b
affected

d49c64c1d723c167f521833f429ab28d3ca7e0d9 (git)
affected

c3787a4fae66e710543137b4b1b073cb2bff3bca (git)
affected

Default status
affected

6.14
affected

Any version before 6.14
unaffected

6.17.10 (semver)
unaffected

6.18 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/acfde9400e611c8d2668f1c70053c4a1d6ecfc36

git.kernel.org/...c/0778ac7df5137d5041783fadfc201f8fd55a1d9b

cve.org (CVE-2025-68212)

nvd.nist.gov (CVE-2025-68212)

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.