AI description
CVE-2025-0927 is a heap overflow vulnerability found in the HFS+ file system implementation within the Linux Kernel. Discovered by Attila Szász, the vulnerability can be exploited if an attacker mounts a specially crafted file system image. This flaw, a buffer overflow in B-tree node processing within the HFS+ driver, can lead to a denial of service (system crash) or potentially allow the execution of arbitrary code. The vulnerability has been present in the Linux kernel since 2005 (Linux-2.6.12-rc2) and affects Linux Kernel versions up to 6.12.0, as well as Ubuntu 22.04 with Linux Kernel 6.5.0-18-generic. A public proof-of-concept exploit exists for this vulnerability.
- Description: Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code.
- Source: security@ubuntu.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 7.8
- Impact score: 5.9
- Exploitability score: 1.8
- Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
- security@ubuntu.com: CWE-787
- Hype score: Not currently trending
🚨 A serious vulnerability, CVE-2025-0927, in the Linux kernel affects Ubuntu 22.04, enabling local privilege escalation via heap overflow in HFS+. Patches are out! ⚠️ #LinuxSecurity #Ubuntu #CVE2025 link: https://t.co/2ykbeaAynO https://t.co/JpkfrbD8wR
@TweetThreatNews
25 Mar 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0927: Public Exploit Released for Linux Kernel Privilege Escalation Bug https://t.co/GuKZzqTP7C
@Dinosn
25 Mar 2025
13241 Impressions
86 Retweets
336 Likes
117 Bookmarks
0 Replies
0 Quotes
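A PoC (proof-of-concept exploit code) has been published for CVE-2025-0927, a privilege escalation vulnerability in the Linux kernel. Ubuntu 22.04 is affected. It is a heap overflow in the HFS+ file system. https://t.co/8LrhROw9NI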
@__kokumoto
25 Mar 2025
2709 Impressions
12 Retweets
41 Likes
13 Bookmarks
0 Replies
0 Quotes
CVE-2025-0927: Public Exploit Released for #Linux Kernel Privilege Escalation Bug The flaw, tracked as CVE-2025-0927, a heap overflow in the HFS+ file system implementation, could allow an attacker to escalate local privileges on affected systems https://t.co/r27DjU2ghx
@the_yellow_fall
25 Mar 2025
6679 Impressions
39 Retweets
136 Likes
53 Bookmarks
2 Replies
1 Quote
🚨 CVE-2025-0927 🔴 HIGH (7.8) 🏢 Canonical - Ubuntu Linux 🏗️ 3.13 🔗 https://t.co/aBEPvI109q 🔗 https://t.co/vdEflNpSBZ #CyberCron #VulnAlert #InfoSec https://t.co/RO5U4O2FrO
@cybercronai
24 Mar 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-0927 🔴 HIGH (7.8) 🏢 Canonical - Ubuntu Linux 🏗️ 3.13 🔗 https://t.co/aBEPvI109q 🔗 https://t.co/vdEflNpSBZ #CyberCron #VulnAlert #InfoSec https://t.co/WyzfQEPH1v
@cybercronai
23 Mar 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJyEiR (CVE-2025-0927 | Canonical Ubuntu Linux prior 6.11.0-18.18 HFS+ filesystem out-of-bounds write (USN-7276-1)) has been published on https://t.co/qit1d5GaO7
@WolfgangSesin
23 Mar 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0927 HFS+ File System Heap Overflow Vulnerability in Linux Kernel https://t.co/Uzle4uCJAg
@VulmonFeeds
23 Mar 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0927 Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted … https://t.co/J0shHxeofg
@CVEnew
23 Mar 2025
532 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I ran into this issue while working on my kernel exploit for CVE-2025-0927. Curious to see if you know the answer—some LLMs might need a little nudge to get it right. https://t.co/azs1OAbZao
@4ttil4sz1a
22 Mar 2025
137 Impressions
0 Retweets
2 Likes
2 Bookmarks
0 Replies
0 Quotes
Learn how an out-of-bounds write vulnerability in the Linux kernel can be exploited to achieve an LPE (CVE-2025-0927) https://t.co/LKfY71in00 https://t.co/qvUYSfD2u0
@secharvesterx
18 Mar 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0927 details here! https://t.co/z9amcuNjKP
@4ttil4sz1a
18 Mar 2025
883 Impressions
5 Retweets
15 Likes
8 Bookmarks
0 Replies
0 Quotes
CVE-2025-0927 : A New Linux Kernel LPE Vulnerability A recently discovered out-of-bounds write vulnerability in the Linux kernel (versions 2.x up to 6.13) affects filesystem code, enabling local privilege escalation (LPE). https://t.co/Cgm7ppLiXC
@freedomhack101
18 Feb 2025
25 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 #CVE-2025-0927 – A New #Linux Kernel LPE Vulnerability https://t.co/XX9XyGUgdM
@UndercodeUpdate
17 Feb 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes