vulnerability
Red Hat: CVE-2025-1272: kernel: Secure Boot does not automatically enable kernel lockdown (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:M/Au:M/C:C/I:C/A:C) | Feb 13, 2025 | May 15, 2025 | Aug 7, 2025 |
Severity
6
CVSS
(AV:L/AC:M/Au:M/C:C/I:C/A:C)
Published
Feb 13, 2025
Added
May 15, 2025
Modified
Aug 7, 2025
Description
The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux.
Solutions
no-fix-redhat-rpm-packageredhat-upgrade-kernelredhat-upgrade-kernel-rt
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.