A security vulnerability has been discovered in Fedora Linux, potentially leaving systems vulnerable to attacks. The flaw, tracked as CVE-2025-1272 and assigned a CVSS score of 7.7, affects the Linux Kernel’s lockdown mode in versions 6.12 and above. This crucial security feature, designed to restrict access to sensitive kernel resources, was found to be disabled by default without any warning in Fedora Linux distributions.
Lockdown mode is a security enhancement in the Linux kernel that limits access to sensitive resources, preventing malicious actors from exploiting them. It controls access to features like kernel memory mappings, I/O ports, BPF, and kprobes, which could be leveraged by attackers to gain unauthorized access or escalate privileges.
The discovery of this vulnerability means that Fedora Linux systems running kernel versions 6.12 and later have been operating without this essential protection, leaving them exposed to potential attacks. An attacker could exploit this flaw to access sensitive information, manipulate kernel functions, or even load unsigned modules, effectively bypassing Secure Boot protections and executing malicious code.
“This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes,” the Red Hat Bugzilla website explains. “Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking any Secure Boot protection.”
Fortunately, the CVE-2025-1272 flaw has been addressed in the 6.12.14 stable kernel update for Fedora Linux. A system reboot is required after installation to apply the update. Users are strongly urged to update their systems immediately to mitigate the risk.
