You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 68740
About this tag
CVE-2025-68740 is a Linux kernel vulnerability affecting the Integrity Measurement Architecture (IMA). It involves a logic error where LSM rule objects can become NULL, causing false rule matches. This leads IMA to measure extra files, potentially disrupting attestation and appraisal workflows. The tag covers discussions about the bug's impact on Linux security, including how it can confuse integrity measurements and TPM-anchored attestation. Patches are needed to correct the rule-matching logic. This tag is relevant for Linux system administrators, security researchers, and enterprise IT professionals managing kernel security and integrity verification.
CVE-2025-68740 exposes a logic error in the Linux kernel’s Integrity Measurement Architecture (IMA) that can cause false rule matches when LSM (Linux Security Module) rule objects become NULL — a subtle bug that leads IMA to measure extra files and could confuse attestation or appraisal...