PT-2025-51596 · Linux+3 · Linux Kernel+3

Published

2025-12-16

·

Updated

2026-05-28

·

CVE-2025-68183

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains a flaw related to the Integrity Measurement Architecture (IMA). When both IMA and Extended Verification Module (EVM) are in fix mode, the IMA signature can be reset to an IMA hash if a program first stores an IMA signature in security.ima and then writes or removes other security extended attributes for the file. This can occur when setting security.selinux, removing security.evm, or setting/removing Access Control Lists (ACLs). The issue arises because the IMA DIGSIG flag is cleared when setting security.selinux, leading to the generation of an IMA hash instead of the expected signature upon file closure. The flaw can be triggered by setting the security.selinux attribute as the final step, or by removing security.evm or modifying ACLs.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Related Identifiers

ALSA-2026:21706
ALSA-2026:21745
CVE-2025-68183
ECHO-8FCA-BEE3-335E
MGASA-2026-0017
MGASA-2026-0018
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0474-1
SUSE-SU-2026:0496-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu