CVE-2025-1272

{"id": "CVE-2025-1272", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.1}]}, "published": "2026-02-18T21:16:21.100", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:6966", "source": "patrick@puiterwijk.org"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-1272", "source": "patrick@puiterwijk.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345615", "source": "patrick@puiterwijk.org"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux."}, {"lang": "es", "value": "El modo de bloqueo del kernel de Linux para versiones del kernel a partir de la 6.12 y superiores para Fedora Linux tiene el modo de bloqueo deshabilitado sin ninguna advertencia. Esto puede permitir a un atacante obtener acceso a informaci\u00f3n sensible como mapeos de memoria del kernel, puertos de E/S, BPF y kprobes. Adem\u00e1s, se pueden cargar m\u00f3dulos sin firmar, lo que lleva a la ejecuci\u00f3n de c\u00f3digo no confiable, rompiendo cualquier protecci\u00f3n de Secure Boot. Esta vulnerabilidad afecta solo a Fedora Linux."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "patrick@puiterwijk.org"}