vulnerability

Ubuntu: USN-7999-1 (CVE-2025-68146): Filelock vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:M/Au:S/C:N/I:C/A:C)	Feb 2, 2026	Feb 5, 2026	Feb 5, 2026

Severity

CVSS

(AV:L/AC:M/Au:S/C:N/I:C/A:C)

Published

Feb 2, 2026

Added

Feb 5, 2026

Modified

Feb 5, 2026

Description

It was discovered that Filelock incorrectly handled symlinks in temp files.
A local attacker could possibly use this issue to cause lock operations to
fail or behave unexpectedly. (CVE-2026-22701)

It was discovered that the file locking implementation in the Filelock
package contained a race condition. A local attacker could possibly use
this to cause a denial of service or corrupt arbitrary user files.
(CVE-2025-68146)

Solutions

ubuntu-pro-upgrade-python-filelockubuntu-pro-upgrade-python3-filelock

References

CVE-2025-68146
https://attackerkb.com/topics/CVE-2025-68146
CWE-362
CWE-367
CWE-59
UBUNTU-USN-7999-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today