[PATCH vulns] CVE-2025-68212: Add vulnerable commit information

Next message: David Heidelberg via B4 Relay: "[PATCH v3 3/8] media: qcom: camss: Prepare CSID for C-PHY support"
Previous message: Marek Vasut: "Re: [PATCH v4 1/3] dt-bindings: touchscreen: trivial-touch: Drop 'interrupts' requirement for old Ilitek"
Next in thread: Greg KH: "Re: [PATCH vulns] CVE-2025-68212: Add vulnerable commit information"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Harshit Mogalapalli

Date: Sat Jan 17 2026 - 10:34:39 EST

For the CVE fix, the actual broken commit which is more appropriate
is 37c4a9590e1e introduces the STATMOUNT_MNT_{U,G}IDMAP cases but only
writes sm->mnt_* = start while leaving offp unset.

Hence, the broken commit for this CVE is commit: 37c4a9590e1e
("statmount: allow to retrieve idmappings")

Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@xxxxxxxxxx>
---
cve/published/2025/CVE-2025-68212.vulnerable | 1 +
1 file changed, 1 insertion(+)
create mode 100644 cve/published/2025/CVE-2025-68212.vulnerable

diff --git a/cve/published/2025/CVE-2025-68212.vulnerable b/cve/published/2025/CVE-2025-68212.vulnerable
new file mode 100644
index 000000000000..602d5fbb79b3
--- /dev/null
+++ b/cve/published/2025/CVE-2025-68212.vulnerable
@@ -0,0 +1 @@
+37c4a9590e1efcae7749682239fc22a330d2d325
--
2.50.1