CVE-2025-68803

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/01/2026
Last modified:
19/01/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

NFSD: NFSv4 file creation neglects setting ACL

An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL (based on the mode bits) and not the ACL that was requested during file creation. This violates RFC 8881 section 6.4.1.3: "the ACL attribute is set as given".

The issue occurs in nfsd_create_setattr(), which calls nfsd_attrs_valid() to determine whether to call nfsd_setattr(). However, nfsd_attrs_valid() checks only for iattr changes and security labels, but not POSIX ACLs. When only an ACL is present, the function returns false, nfsd_setattr() is skipped, and the POSIX ACL is never applied to the inode.

Subsequently, when the client retrieves the ACL, the server finds no POSIX ACL on the inode and returns one generated from the file's mode bits rather than returning the originally-specified ACL.
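The gating logic described above, as an added user-space model in C that is not kernel source and not the upstream patch. Every type and function name here is a hypothetical stand-in, the sample ACL string is constructed, and `attrs_valid_after()` is an assumed way to close the gap in this model only.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical model types (assumptions), not the kernel's definitions. */
struct model_attrs {
    unsigned int ia_valid;   /* non-zero when iattr fields are to be changed */
    size_t seclabel_len;     /* security label length, 0 when none is sent */
    const char *posix_acl;   /* requested ACL, NULL when none is sent */
};
struct model_inode { const char *posix_acl; };   /* NULL: no ACL stored */

typedef bool (*gate_fn)(const struct model_attrs *);

/* Gate as the description states it: iattr changes and security labels only. */
static bool attrs_valid_before(const struct model_attrs *a)
{
    return a->ia_valid != 0 || a->seclabel_len != 0;
}

/* Assumed corrected gate for this model: a pending ACL also counts as work. */
static bool attrs_valid_after(const struct model_attrs *a)
{
    return attrs_valid_before(a) || a->posix_acl != NULL;
}

/* Model of the create path: the setattr step runs only when the gate allows. */
static void model_create_setattr(struct model_inode *ino,
                                 const struct model_attrs *a, gate_fn gate)
{
    if (!gate(a))
        return;                         /* setattr step skipped entirely */
    if (a->posix_acl)
        ino->posix_acl = a->posix_acl;  /* ACL applied to the inode */
}

/* Later ACL read: the stored ACL, or a stand-in for one built from mode bits. */
static const char *model_getacl(const struct model_inode *ino)
{
    return ino->posix_acl ? ino->posix_acl : "mode-derived";
}

/* Create with a named-principal ACL, read it back, report whether it matches. */
static bool acl_survives_create(gate_fn gate, unsigned int ia_valid)
{
    struct model_attrs req = { ia_valid, 0, "user:alice:rw-" }; /* constructed */
    struct model_inode ino = { NULL };
    model_create_setattr(&ino, &req, gate);
    return strcmp(model_getacl(&ino), req.posix_acl) == 0;
}
```

In this model the ACL is lost only when it is the sole attribute in the create request; a request that also carries an iattr change passes the original gate and the ACL is applied.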

Impact