CVE-2025-1272

Sažetak

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux.

Reference

https://access.redhat.com/errata/RHSA-2025:6966
https://access.redhat.com/security/cve/CVE-2025-1272
https://bugzilla.redhat.com/show_bug.cgi?id=2345615

CVSS

Base:	7.7
Impact:	6.0
Exploitability:	1.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Zadnje važnije ažuriranje

26-02-2026 - 17:22

Objavljeno

18-02-2026 - 21:16