CVE-2025-1272 - Vulnerability Details

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat Subscribe	Enterprise Linux Subscribe

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 9
kernel-0:5.14.0-570.12.1.el9_6	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:6966	2025-05-13T00:00:00Z
kernel-0:5.14.0-570.12.1.el9_6	cpe:/o:redhat:enterprise_linux:9	RHSA-2025:6966	2025-05-13T00:00:00Z

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2025-1272
https://www.cve.org/CVERecord?id=CVE-2025-1272

History

Wed, 14 May 2025 03:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Tue, 18 Feb 2025 15:15:00 +0000

Type	Values Removed	Values Added
Description	No description is available for this CVE.	The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux.

Sat, 15 Feb 2025 02:45:00 +0000

Type	Values Removed	Values Added
Title	kernel: Kernel's lockdown disable on Fedora's kernel due to a regression	kernel: Secure Boot does not automatically enable kernel lockdown

Fri, 14 Feb 2025 02:00:00 +0000

Type	Values Removed	Values Added
Description		No description is available for this CVE.
Title		kernel: Kernel's lockdown disable on Fedora's kernel due to a regression
References		https://nvd.nist.gov/vuln/detail/CVE-2025-1272 https://www.cve.org/CVERecord?id=CVE-2025-1272
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H'}` threat_severity `Moderate`

Projects

Sign in to view the affected projects.

MITRE

No data.

Vulnrichment

No data.

NVD

No data.

Redhat

Severity : Moderate

Publid Date: 2025-02-13T00:00:00Z

Links: CVE-2025-1272 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object