From nobody Mon Feb 9 07:38:38 2026 Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com [205.220.177.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1F244139579 for ; Sat, 17 Jan 2026 15:34:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.177.32 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768664082; cv=none; b=h9ODXba5yE251zVt3KFw/sANhYwi4dvMRmTUmS1tXS+wp7h8EMWHlZIaPLau/QUON+MeLGseJb7Yx03ios54x4sQNDvwkNDv+/t8jbx17MRcyIAO0AyAFSqRt25sjusOS6Vi9Hkj5QUjrFQI3gABF3uoKDgeO5qNR9obuZ8UCHM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768664082; c=relaxed/simple; bh=8KkVwqtbTO2TMWfz03syAAtETw+geOtQyaYXopJlmBw=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=FYrtD6NTlKf6ECFO0ptUGFWkgrwM93mjwanY8TP9DpJ5HLiK4jOKIW5MNAJlt2lIOEc8woHJDCqieATlIGnPVizr/YuafVvk6AbZ2B02CaXsA7JCO33g0Lr5ZBzdKO5Yp5xzC1ww/lIeo9JdLVE1zxJSWu7eR7T06KFs3D+CGbs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oracle.com; spf=pass smtp.mailfrom=oracle.com; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b=jyP4tr39; arc=none smtp.client-ip=205.220.177.32 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oracle.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oracle.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="jyP4tr39" Received: from pps.filterd (m0246631.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 60HFJNcc1405872; Sat, 17 Jan 2026 15:34:31 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=cc :content-transfer-encoding:date:from:message-id:mime-version :subject:to; s=corp-2025-04-25; bh=KJcfzGWpILNJ2nfbyVImsV+qzFo2z LvnUAzFyeYpcC8=; b=jyP4tr394reRPwenmN2NUEWJ19DaWYQMQnQ+lMfbSl46R MtuHGPjnkjs+52apd1+IIzcuHktY6CZhylxWIsqdp6wRSl00rKt7jTzSgZZVQ9yp nAL1PaW7OfCvrT61FLnxk0sysqhOuzm4PB3myQjc8YPm3ze61RSfKRA1uPf0JF+M FC6hZDWI4P7Zh2mh8MHuP7c8ttTDgkFym1qniU3ZJC+f1rZu+rFv58wgK61Y8i8M A+NaO2CY/RIiieTgSntqB+yv+IoBp93UBtPTDfxcPAmKGuhfZmjGVbVCoDfoKgiH QAs3L0bxxqqR233mOmLQEDvNuwkdz5eKLDsEljElA== Received: from iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta03.appoci.oracle.com [130.35.103.27]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 4br1708cvj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 17 Jan 2026 15:34:31 +0000 (GMT) Received: from pps.filterd (iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (8.18.1.2/8.18.1.2) with ESMTP id 60HE0L3Z040543; Sat, 17 Jan 2026 15:34:30 GMT Received: from pps.reinject (localhost [127.0.0.1]) by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 4br0vaevxr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 17 Jan 2026 15:34:30 +0000 Received: from iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 60HFYTBi017170; Sat, 17 Jan 2026 15:34:29 GMT Received: from hamogala-kdevoci9-1.osdevelopmeniad.oraclevcn.com (hamogala-kdevoci9-1.allregionaliads.osdevelopmeniad.oraclevcn.com [100.100.250.101]) by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTP id 4br0vaevxd-1; Sat, 17 Jan 2026 15:34:29 +0000 From: Harshit Mogalapalli To: cve@kernel.org Cc: linux-kernel@vger.kernel.org, Harshit Mogalapalli Subject: [PATCH vulns] CVE-2025-68212: Add vulnerable commit information Date: Sat, 17 Jan 2026 15:34:26 +0000 Message-ID: <20260117153426.2763004-1-harshit.m.mogalapalli@oracle.com> X-Mailer: git-send-email 2.50.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49 definitions=2026-01-17_02,2026-01-15_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 suspectscore=0 phishscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 malwarescore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2601150000 definitions=main-2601170129 X-Proofpoint-ORIG-GUID: BTDuRNUmMWp9xdg0lqevzKWMbFmjxEdF X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMTE3MDEyOSBTYWx0ZWRfX3ltnsMAQnx/x GBR5GsNkI63/6SMdpCT5dcymzh7D2TxQo09DgZvitE8G4UsmmryLMd78v67kzw1nXUWVUcmxQtW TqDaSNNVMvEady3zPR9FCGxwVrWIPaYKaxjefocpax6zR8bVfe0tAsPqr+1SQilfy8t4MJ74ZST FDj0w8aKbbB36aoSEyYSKhOaWqMoJF0d7SllUL4IeNoqdTURvn0xFoaqR7wyf6ukH/AdrV7cplH jcnzS7Qp2XMpT7+1xpKnrqssj6iTmLRtvFk6yqgDZaQ4hk2Rrzr4Jchlf77FX+xatjxzILLJub8 b+9xhgaNQvjckkmTUFClIIGEtWzZyZUVEk89wGej9E6g2ycM89HiI1f6Fj9dClmTwkuTsjQzlQD peAkKgIVD5X1lWRrdBBPaDwPC5eLQjn7OwuVoMe14IyZeTV3/ERqCQUwKm6Wpk+L0KUUAFQ4YFD PQDjaULqLGQriI3aHxYANwIOjFkfZUQ0G24r9co4= X-Proofpoint-GUID: BTDuRNUmMWp9xdg0lqevzKWMbFmjxEdF X-Authority-Analysis: v=2.4 cv=FvoIPmrq c=1 sm=1 tr=0 ts=696bac07 b=1 cx=c_pps a=qoll8+KPOyaMroiJ2sR5sw==:117 a=qoll8+KPOyaMroiJ2sR5sw==:17 a=vUbySO9Y5rIA:10 a=VkNPw1HP01LnGYTKEx00:22 a=yPCof4ZbAAAA:8 a=I5HrF9SXCPmy2k7B5L4A:9 cc=ntf awl=host:12110 Content-Type: text/plain; charset="utf-8" For the CVE fix, the actual broken commit which is more appropriate is 37c4a9590e1e introduces the STATMOUNT_MNT_{U,G}IDMAP cases but only writes sm->mnt_* =3D start while leaving offp unset. Hence, the broken commit for this CVE is commit: 37c4a9590e1e ("statmount: allow to retrieve idmappings") Signed-off-by: Harshit Mogalapalli --- cve/published/2025/CVE-2025-68212.vulnerable | 1 + 1 file changed, 1 insertion(+) create mode 100644 cve/published/2025/CVE-2025-68212.vulnerable diff --git a/cve/published/2025/CVE-2025-68212.vulnerable b/cve/published/2= 025/CVE-2025-68212.vulnerable new file mode 100644 index 000000000000..602d5fbb79b3 --- /dev/null +++ b/cve/published/2025/CVE-2025-68212.vulnerable @@ -0,0 +1 @@ +37c4a9590e1efcae7749682239fc22a330d2d325 --=20 2.50.1