Linux Kernel SELinux Unknown Extended Permissions Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's SELinux implementation has been addressed. The issue involved the evaluation of extended permissions, where unknown permissions were improperly handled by triggering a BUG() call. This vulnerability could disrupt the addition of future permissions in older kernel versions. The fix ensures that unknown permissions are ignored, allowing for smoother updates without compatibility issues.

Impact

The vulnerability could cause a kernel panic by calling BUG(), disrupting system operations.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SELinux Unknown Extended Permissions Handling Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating