A severe vulnerability in the Linux kernel has remained undetected for nearly two decades, allowing local users to gain root privileges on affected systems.

Designated as CVE-2025-0927, this out-of-bounds write vulnerability in the Linux kernel’s HFS+ filesystem driver affects systems running kernels up to version 6.12.0, with Ubuntu 22.04 with Linux Kernel 6.5.0-18-generic confirmed vulnerable.