CVE-2025-0927 - Vulnerability Details

In the Linux kernel, the following vulnerability has been found: A heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem. At this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id. The Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

No data.

References

Link	Providers
https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/
https://ubuntu.com/security/CVE-2025-0927
https://ubuntu.com/security/notices/USN-7276-1
https://www.kernel.org/

History

Mon, 31 Mar 2025 15:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-122

Mon, 31 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Mon, 31 Mar 2025 14:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-122

Mon, 31 Mar 2025 08:15:00 +0000

Type	Values Removed	Values Added
Title	HFS+ filesystem heap overflow

Sun, 30 Mar 2025 20:15:00 +0000

Type	Values Removed	Values Added
Title		HFS+ filesystem heap overflow

Sun, 30 Mar 2025 19:15:00 +0000

Type	Values Removed	Values Added
Title	HFS+ filesystem heap overflow
Metrics	cvssV4_0 `{'score': 10, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

Sun, 30 Mar 2025 19:00:00 +0000

Type	Values Removed	Values Added
Description	Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code.	In the Linux kernel, the following vulnerability has been found: A heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem. At this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id. The Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue.
References		https://www.kernel.org/
Metrics		cvssV4_0 `{'score': 10, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

Tue, 25 Mar 2025 14:15:00 +0000

Type	Values Removed	Values Added
References		https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 24 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Sun, 23 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
Description		Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code.
Title		HFS+ filesystem heap overflow
Weaknesses		CWE-787
References		https://ubuntu.com/security/CVE-2025-0927 https://ubuntu.com/security/notices/USN-7276-1
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: canonical

Published: 2025-03-23T15:00:47.770Z

Updated: 2025-03-31T14:37:07.919Z

Reserved: 2025-01-31T10:42:56.521Z

Link: CVE-2025-0927

Vulnrichment

Updated: 2025-03-24T12:19:38.348Z

NVD

Status : Awaiting Analysis

Published: 2025-03-23T15:15:12.537

Modified: 2025-03-31T15:15:43.270

Link: CVE-2025-0927

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2025-0927", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2025-01-31T10:42:56.521Z", "datePublished": "2025-03-23T15:00:47.770Z", "dateUpdated": "2025-03-31T14:37:07.919Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Linux Kernel", "vendor": "Linux", "versions": [{"status": "affected", "version": "0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In the Linux kernel, the following vulnerability has been found:               A heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem.               At this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id.                   The Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue. "}], "value": "In the Linux kernel, the following vulnerability has been found:\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nA heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem.\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nAt this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id. \u00a0 \u00a0 \n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nThe Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue."}], "problemTypes": [{"descriptions": [{"description": "heap overflow in the hfs and hfsplus filesystems with manually crafted filesystem", "lang": "en"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-30T18:55:36.242Z"}, "references": [{"url": "https://www.kernel.org/"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"references": [{"url": "https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/", "tags": ["exploit"]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-28T03:55:45.776913Z", "id": "CVE-2025-0927", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T14:37:07.919Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0927", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-28T03:55:45.776913Z"}}}, {"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "references": [{"url": "https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-24T12:19:38.348Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Linux", "product": "Linux Kernel", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.kernel.org/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been found:\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nA heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem.\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nAt this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id. \u00a0 \u00a0 \n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nThe Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue.", "supportingMedia": [{"type": "text/html", "value": "In the Linux kernel, the following vulnerability has been found:               A heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem.               At this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id.                   The Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue. ", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "heap overflow in the hfs and hfsplus filesystems with manually crafted filesystem"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-30T18:55:36.242Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0927", "state": "PUBLISHED", "dateUpdated": "2025-03-30T18:55:36.242Z", "dateReserved": "2025-01-31T10:42:56.521Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2025-03-23T15:00:47.770Z", "assignerShortName": "canonical"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been found:\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nA heap overflow in the hfs and hfsplus filesystems can happen if a user mounts a manually crafted filesystem.\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nAt this point in time, it is not fixed in any released kernel version, this is a stop-gap report to notify that kernel.org is now the owner of this CVE id. \u00a0 \u00a0 \n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \nThe Linux kernel CVE team has been assigned CVE-2025-0927 as it was incorrectly created by a different CNA that really should have known better to not have done this.to this issue."}, {"lang": "es", "value": "Attila Sz\u00e1sz descubri\u00f3 que la implementaci\u00f3n del sistema de archivos HFS+ en el kernel de Linux conten\u00eda una vulnerabilidad de desbordamiento de pila. Un atacante podr\u00eda usar una imagen del sistema de archivos especialmente manipulada que, al montarse, podr\u00eda causar una denegaci\u00f3n de servicio (fallo del sistema) o posiblemente ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2025-0927", "lastModified": "2025-03-31T15:15:43.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security@ubuntu.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-03-23T15:15:12.537", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://www.kernel.org/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/"}, {"source": "security@ubuntu.com", "url": "https://ubuntu.com/security/CVE-2025-0927"}, {"source": "security@ubuntu.com", "url": "https://ubuntu.com/security/notices/USN-7276-1"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "security@ubuntu.com", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation poc

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object