CVE-2025-71239 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2() to change attributes class fchmodat2(), introduced in version 6.6 is currently not in the change attribute class of audit. Calling fchmodat2() to change a file attribute in the same fashion than chmod() or fchmodat() will bypass audit rules such as: -w /tmp/test -p rwa -k test_rwa The current patch adds fchmodat2() to the change attributes class.

PUBLISHED Reserved 2026-02-18 | Published 2026-03-17 | Updated 2026-04-13 | Assigner Linux

Product status

Default status

unaffected

09da082b07bbae1c11d9560c8502800039aebcea (git) before 91e27bc79c3bca93c06bf5a471d47df9a35b3741

affected

09da082b07bbae1c11d9560c8502800039aebcea (git) before 3e762a03713e8c25ca0108c075d662c897fc0623

affected

09da082b07bbae1c11d9560c8502800039aebcea (git) before 4fed776ca86378da7dd743a7b648e20b025ba8ef

affected

09da082b07bbae1c11d9560c8502800039aebcea (git) before c4334c0d0e7d6f02ed93756fd4ba807e3d00c05f

affected

09da082b07bbae1c11d9560c8502800039aebcea (git) before 4f493a6079b588cf1f04ce5ed6cdad45ab0d53dc

affected

Default status

affected

6.6

affected

Any version before 6.6

unaffected

6.6.128 (semver)

unaffected

6.12.75 (semver)

unaffected

6.18.16 (semver)

unaffected

6.19.6 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/91e27bc79c3bca93c06bf5a471d47df9a35b3741

git.kernel.org/...c/3e762a03713e8c25ca0108c075d662c897fc0623

git.kernel.org/...c/4fed776ca86378da7dd743a7b648e20b025ba8ef

git.kernel.org/...c/c4334c0d0e7d6f02ed93756fd4ba807e3d00c05f

git.kernel.org/...c/4f493a6079b588cf1f04ce5ed6cdad45ab0d53dc

www.bencteux.fr/posts/missing_syscalls_audit/

cve.org (CVE-2025-71239)

nvd.nist.gov (CVE-2025-71239)

Download JSON

help @ threatint.eu