What is the CVSS score of CVE-2025-1272?

CVE-2025-1272 has a CVSS 3.1 base score of 7.7 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Linux Kernel are affected by CVE-2025-1272?

A critical kernel vulnerability in Fedora Linux 6.12+ silently disables security lockdown protections, potentially exposing kernel memory and system internals to attackers.. A patch is available.

How to fix or mitigate CVE-2025-1272?

Within 24 hours: Identify all systems running Fedora Linux kernel 6.12 and above using automated asset discovery; assess whether affected systems are internet-facing or processing sensitive workloads. Within 7 days: Implement network segmentation to isolate affected systems; disable or restrict BPF and kprobes if operationally feasible; enable enhanced monitoring for suspicious kernel access attempts. Within 30 days: Develop and test a rollback plan to downgrade affected systems to kernel 6.11 or earlier; coordinate with Fedora for patch availability and apply immediately upon release.

Linux Kernel CVE-2025-1272

HIGH

Missing Authentication for Critical Function (CWE-306)

2026-02-18 patrick@puiterwijk.org

Linux Red Hat Linux Kernel Suse

7.7

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 18, 2026 - 21:16 nvd

HIGH 7.7

DescriptionNVD

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux.

AnalysisAI

Technical ContextAI

Classified as CWE-306 (Missing Authentication for Critical Function). The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux.

Affected ProductsAI

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. Thi