Main Vulnerability Database Vulnerabilities #VU104045

#VU104045 Security features bypass in Linux kernel - CVE-2025-1272

Published: February 18, 2025

Vulnerability identifier: #VU104045

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-1272

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to Secure Boot implementation does not automatically enable kernel lockdown. An attacker with physical access to the system can bypass implemented security restrictions.

Remediation

Install updates from vendor's website.

External links

https://bugzilla.redhat.com/show_bug.cgi?id=2333706
https://bugzilla.redhat.com/show_bug.cgi?id=2345700
https://bugzilla.redhat.com/show_bug.cgi?id=2345701

#VU104045 Security features bypass in Linux kernel - CVE-2025-1272

Description

Remediation

External links

Please verify you're human