#VU104045 Security features bypass in Linux kernel - CVE-2025-1272

Cybersecurity Help s.r.o.

Published: 2025-02-18

Vulnerability identifier: #VU104045

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-1272

CWE-ID: CWE-254

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to Secure Boot implementation does not automatically enable kernel lockdown. An attacker with physical access to the system can bypass implemented security restrictions.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: before 6.12.6, 6.12.6

External links
https://bugzilla.redhat.com/show_bug.cgi?id=2333706
https://bugzilla.redhat.com/show_bug.cgi?id=2345700
https://bugzilla.redhat.com/show_bug.cgi?id=2345701

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Fedora 41 update for kernel

Fedora 40 update for kernel

Fedora 41 update for kernel

Fedora 40 update for kernel

Security features bypass in Linux kernel