CVE-2025-68788

NONE EPSS 7.0%
Published Jan 13, 2026 5mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved:

fsnotify: do not generate ACCESS/MODIFY events on child for special files

inotify/fanotify do not allow users with no read access to a file to subscribe to events (e.g. IN_ACCESS/IN_MODIFY), but they do allow the same user to subscribe for watching events on children when the user has access to the parent directory (e.g. /dev).

Users with no read access to a file but with read access to its parent directory can still stat the file and see if it was accessed/modified via atime/mtime change.

The same is not true for special files (e.g. /dev/null). Users will not generally observe atime/mtime changes when other users read/write to special files, only when someone sets atime/mtime via utimensat().

Align fsnotify events with this stat behavior and do not generate ACCESS/MODIFY events to parent watchers on read/write of special files. The events are still generated to parent watchers on utimensat(). This closes some side-channels that could be possibly used for information exfiltration [1].

[1] https://snee.la/pdf/pubs/file-notification-attacks.pdf

Threat Intelligence

EPSS Exploit Probability
7.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 7

  • git.kernel.org https://git.kernel.org/stable/c/635bc4def026a24e071436f4f356ea08c0eed6ff
  • git.kernel.org https://git.kernel.org/stable/c/6a7d7d96eeeab7af2bd01afbb3d9878a11a13d91
  • git.kernel.org https://git.kernel.org/stable/c/7a93edb23bcf07a3aaf8b598edfc2faa8fbcc0b6
  • git.kernel.org https://git.kernel.org/stable/c/82f7416bcbd951549e758d15fc1a96a5afc2e900
  • git.kernel.org https://git.kernel.org/stable/c/859bdf438f01d9aa7f84b09c1202d548c7cad9e8
  • git.kernel.org https://git.kernel.org/stable/c/df2711544b050aba703e6da418c53c7dc5d443ca
  • git.kernel.org https://git.kernel.org/stable/c/e0643d46759db8b84c0504a676043e5e341b6c81

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.