Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-21777 (GCVE-0-2025-21777)
Vulnerability from cvelistv5 – Published: 2025-02-27 02:18 – Updated: 2025-05-04 07:20
VLAI?
EPSS
Title
ring-buffer: Validate the persistent meta data subbuf array
Summary
In the Linux kernel, the following vulnerability has been resolved:
ring-buffer: Validate the persistent meta data subbuf array
The meta data for a mapped ring buffer contains an array of indexes of all
the subbuffers. The first entry is the reader page, and the rest of the
entries lay out the order of the subbuffers in how the ring buffer link
list is to be created.
The validator currently makes sure that all the entries are within the
range of 0 and nr_subbufs. But it does not check if there are any
duplicates.
While working on the ring buffer, I corrupted this array, where I added
duplicates. The validator did not catch it and created the ring buffer
link list on top of it. Luckily, the corruption was only that the reader
page was also in the writer path and only presented corrupted data but did
not crash the kernel. But if there were duplicates in the writer side,
then it could corrupt the ring buffer link list and cause a crash.
Create a bitmask array with the size of the number of subbuffers. Then
clear it. When walking through the subbuf array checking to see if the
entries are within the range, test if its bit is already set in the
subbuf_mask. If it is, then there is duplicates and fail the validation.
If not, set the corresponding bit and continue.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Affected:
c76883f18e59b762247ee91d3e4224231711854e , < 3ec743d558f111d8999aea24577ba66c65ee2eeb
(git)
Affected: c76883f18e59b762247ee91d3e4224231711854e , < 0d547a6f5e8fad26ebc12f501d7d19fccdbad6bf (git) Affected: c76883f18e59b762247ee91d3e4224231711854e , < f5b95f1fa2ef3a03f49eeec658ba97e721412b32 (git) |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/trace/ring_buffer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3ec743d558f111d8999aea24577ba66c65ee2eeb",
"status": "affected",
"version": "c76883f18e59b762247ee91d3e4224231711854e",
"versionType": "git"
},
{
"lessThan": "0d547a6f5e8fad26ebc12f501d7d19fccdbad6bf",
"status": "affected",
"version": "c76883f18e59b762247ee91d3e4224231711854e",
"versionType": "git"
},
{
"lessThan": "f5b95f1fa2ef3a03f49eeec658ba97e721412b32",
"status": "affected",
"version": "c76883f18e59b762247ee91d3e4224231711854e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/trace/ring_buffer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.12"
},
{
"lessThan": "6.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.14",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.16",
"versionStartIncluding": "6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.4",
"versionStartIncluding": "6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14",
"versionStartIncluding": "6.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Validate the persistent meta data subbuf array\n\nThe meta data for a mapped ring buffer contains an array of indexes of all\nthe subbuffers. The first entry is the reader page, and the rest of the\nentries lay out the order of the subbuffers in how the ring buffer link\nlist is to be created.\n\nThe validator currently makes sure that all the entries are within the\nrange of 0 and nr_subbufs. But it does not check if there are any\nduplicates.\n\nWhile working on the ring buffer, I corrupted this array, where I added\nduplicates. The validator did not catch it and created the ring buffer\nlink list on top of it. Luckily, the corruption was only that the reader\npage was also in the writer path and only presented corrupted data but did\nnot crash the kernel. But if there were duplicates in the writer side,\nthen it could corrupt the ring buffer link list and cause a crash.\n\nCreate a bitmask array with the size of the number of subbuffers. Then\nclear it. When walking through the subbuf array checking to see if the\nentries are within the range, test if its bit is already set in the\nsubbuf_mask. If it is, then there is duplicates and fail the validation.\nIf not, set the corresponding bit and continue."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:20:57.840Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ec743d558f111d8999aea24577ba66c65ee2eeb"
},
{
"url": "https://git.kernel.org/stable/c/0d547a6f5e8fad26ebc12f501d7d19fccdbad6bf"
},
{
"url": "https://git.kernel.org/stable/c/f5b95f1fa2ef3a03f49eeec658ba97e721412b32"
}
],
"title": "ring-buffer: Validate the persistent meta data subbuf array",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-21777",
"datePublished": "2025-02-27T02:18:22.008Z",
"dateReserved": "2024-12-29T08:45:45.763Z",
"dateUpdated": "2025-05-04T07:20:57.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2025-21777
Vulnerability from fkie_nvd - Published: 2025-02-27 03:15 - Updated: 2025-10-28 20:36
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
ring-buffer: Validate the persistent meta data subbuf array
The meta data for a mapped ring buffer contains an array of indexes of all
the subbuffers. The first entry is the reader page, and the rest of the
entries lay out the order of the subbuffers in how the ring buffer link
list is to be created.
The validator currently makes sure that all the entries are within the
range of 0 and nr_subbufs. But it does not check if there are any
duplicates.
While working on the ring buffer, I corrupted this array, where I added
duplicates. The validator did not catch it and created the ring buffer
link list on top of it. Luckily, the corruption was only that the reader
page was also in the writer path and only presented corrupted data but did
not crash the kernel. But if there were duplicates in the writer side,
then it could corrupt the ring buffer link list and cause a crash.
Create a bitmask array with the size of the number of subbuffers. Then
clear it. When walking through the subbuf array checking to see if the
entries are within the range, test if its bit is already set in the
subbuf_mask. If it is, then there is duplicates and fail the validation.
If not, set the corresponding bit and continue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 6.14 | |
| linux | linux_kernel | 6.14 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "537F3B42-2EC5-47FB-8166-5ACF0353AFEC",
"versionEndExcluding": "6.12.16",
"versionStartIncluding": "6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2093ED-74A9-43F9-AC72-50030F374EA4",
"versionEndExcluding": "6.13.4",
"versionStartIncluding": "6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Validate the persistent meta data subbuf array\n\nThe meta data for a mapped ring buffer contains an array of indexes of all\nthe subbuffers. The first entry is the reader page, and the rest of the\nentries lay out the order of the subbuffers in how the ring buffer link\nlist is to be created.\n\nThe validator currently makes sure that all the entries are within the\nrange of 0 and nr_subbufs. But it does not check if there are any\nduplicates.\n\nWhile working on the ring buffer, I corrupted this array, where I added\nduplicates. The validator did not catch it and created the ring buffer\nlink list on top of it. Luckily, the corruption was only that the reader\npage was also in the writer path and only presented corrupted data but did\nnot crash the kernel. But if there were duplicates in the writer side,\nthen it could corrupt the ring buffer link list and cause a crash.\n\nCreate a bitmask array with the size of the number of subbuffers. Then\nclear it. When walking through the subbuf array checking to see if the\nentries are within the range, test if its bit is already set in the\nsubbuf_mask. If it is, then there is duplicates and fail the validation.\nIf not, set the corresponding bit and continue."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ring-buffer: validar la matriz de subbuf de metadatos persistentes Los metadatos de un b\u00fafer de anillo asignado contienen una matriz de \u00edndices de todos los subb\u00faferes. La primera entrada es la p\u00e1gina del lector y el resto de las entradas establecen el orden de los subb\u00faferes en c\u00f3mo se crear\u00e1 la lista de enlaces del b\u00fafer de anillo. El validador actualmente se asegura de que todas las entradas est\u00e9n dentro del rango de 0 y nr_subbufs. Pero no verifica si hay duplicados. Mientras trabajaba en el b\u00fafer de anillo, corromp\u00ed esta matriz, donde agregu\u00e9 duplicados. El validador no lo detect\u00f3 y cre\u00f3 la lista de enlaces del b\u00fafer de anillo encima. Afortunadamente, la corrupci\u00f3n fue solo que la p\u00e1gina del lector tambi\u00e9n estaba en la ruta del escritor y solo present\u00f3 datos corruptos pero no bloque\u00f3 el kernel. Pero si hab\u00eda duplicados en el lado del escritor, entonces podr\u00eda corromper la lista de enlaces del b\u00fafer de anillo y causar un bloqueo. Cree una matriz de m\u00e1scara de bits con el tama\u00f1o del n\u00famero de subb\u00faferes. Luego, b\u00f3rrelo. Al recorrer la matriz subbuf para verificar si las entradas est\u00e1n dentro del rango, verifique si su bit ya est\u00e1 configurado en subbuf_mask. Si es as\u00ed, entonces hay duplicados y falla la validaci\u00f3n. Si no es as\u00ed, configure el bit correspondiente y contin\u00fae."
}
],
"id": "CVE-2025-21777",
"lastModified": "2025-10-28T20:36:53.797",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-02-27T03:15:18.377",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0d547a6f5e8fad26ebc12f501d7d19fccdbad6bf"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/3ec743d558f111d8999aea24577ba66c65ee2eeb"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/f5b95f1fa2ef3a03f49eeec658ba97e721412b32"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2025-21777
Vulnerability from osv_almalinux
Published
2025-11-11 00:00
Modified
2025-11-24 10:55
Summary
Moderate: kernel security update
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241)
- kernel: exfat: fix out-of-bounds access of directory entries (CVE-2024-53147)
- kernel: zram: fix NULL pointer in comp_algorithm_show() (CVE-2024-53222)
- kernel: nfsd: release svc_expkey/svc_export with rcu_work (CVE-2024-53216)
- kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (CVE-2024-56662)
- kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (CVE-2024-56675)
- kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (CVE-2024-56690)
- kernel: igb: Fix potential invalid memory access in igb_init_module() (CVE-2024-52332)
- kernel: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (CVE-2024-57901)
- kernel: af_packet: fix vlan_get_tci() vs MSG_PEEK (CVE-2024-57902)
- kernel: io_uring/sqpoll: zero sqd->thread on tctx errors (CVE-2025-21633)
- kernel: ipvlan: Fix use-after-free in ipvlan_get_iflink(). (CVE-2025-21652)
- kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts (CVE-2025-21647)
- kernel: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (CVE-2025-21655)
- kernel: netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (CVE-2024-57941)
- kernel: netfs: Fix ceph copy to cache on write-begin (CVE-2024-57942)
- kernel: zram: fix potential UAF of zram table (CVE-2025-21671)
- kernel: pktgen: Avoid out-of-bounds access in get_imix_entries (CVE-2025-21680)
- kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug (CVE-2025-21693)
- kernel: cachestat: fix page cache statistics permission checking (CVE-2025-21691)
- kernel: mm: clear uffd-wp PTE/PMD state on mremap() (CVE-2025-21696)
- kernel: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (CVE-2025-21702)
- kernel: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (CVE-2025-21732)
- kernel: NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795)
- kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() (CVE-2024-54456)
- kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() (CVE-2024-57987)
- kernel: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014)
- kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() (CVE-2024-57988)
- kernel: drm/xe/tracing: Fix a potential TP_printk UAF (CVE-2024-49570)
- kernel: media: intel/ipu6: remove cpu latency qos request on error (CVE-2024-58004)
- kernel: usbnet: ipheth: use static NDP16 location in URB (CVE-2025-21742)
- kernel: usbnet: ipheth: fix possible overflow in DPE length check (CVE-2025-21743)
- kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links (CVE-2024-57989)
- kernel: wifi: ath12k: Fix for out-of bound access error (CVE-2024-58015)
- kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (CVE-2024-57995)
- kernel: nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796)
- kernel: workqueue: Put the pwq after detaching the rescuer from the pool (CVE-2025-21786)
- kernel: tpm: Change to kvalloc() in eventlog/acpi.c (CVE-2024-58005)
- kernel: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (CVE-2024-58013)
- kernel: ring-buffer: Validate the persistent meta data subbuf array (CVE-2025-21777)
- kernel: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (CVE-2025-21738)
- kernel: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (CVE-2024-57986)
- kernel: padata: avoid UAF for reorder_work (CVE-2025-21726)
- kernel: vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791)
- kernel: HID: multitouch: Add NULL check in mt_input_configured (CVE-2024-58020)
- kernel: i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition (CVE-2024-57984)
- kernel: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (CVE-2025-21761)
- kernel: sched_ext: Fix incorrect autogroup migration detection (CVE-2025-21771)
- kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981)
- kernel: memcg: fix soft lockup in the OOM process (CVE-2024-57977)
- kernel: vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790)
- kernel: usbnet: ipheth: fix DPE OoB read (CVE-2025-21741)
- kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785)
- kernel: ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765)
- kernel: PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (CVE-2024-58006)
- kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (CVE-2024-58012)
- kernel: wifi: brcmfmac: Check the return value of of_property_read_string_index() (CVE-2025-21750)
- kernel: wifi: rtlwifi: remove unused check_buddy_priv (CVE-2024-58072)
- kernel: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (CVE-2024-58069)
- kernel: wifi: mac80211: prohibit deactivating all links (CVE-2024-58061)
- kernel: idpf: convert workqueues to unbound (CVE-2024-58057)
- kernel: wifi: mac80211: don't flush non-uploaded STAs (CVE-2025-21828)
- kernel: netfilter: nf_tables: reject mismatching sum of field_len with set key length (CVE-2025-21826)
- kernel: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback (CVE-2024-58077)
- kernel: crypto: tegra - do not transfer req when tegra init fails (CVE-2024-58075)
- kernel: io_uring/uring_cmd: unconditionally copy SQEs at prep time (CVE-2025-21837)
- kernel: information leak via transient execution vulnerability in some AMD processors (CVE-2024-36350)
- kernel: transient execution vulnerability in some AMD processors (CVE-2024-36357)
- kernel: net/sched: cls_api: fix error handling causing NULL dereference (CVE-2025-21857)
- kernel: bpf: Fix softlockup in arena_map_free on 64k page kernel (CVE-2025-21851)
- kernel: ibmvnic: Don't reference skb after sending to VIOS (CVE-2025-21855)
- kernel: smb: client: Add check for next_buffer in receive_encrypted_standard() (CVE-2025-21844)
- kernel: bpf: avoid holding freeze_mutex during mmap operation (CVE-2025-21853)
- kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (CVE-2025-21847)
- kernel: tcp: drop secpath at the same time as we currently drop dst (CVE-2025-21864)
- kernel: bpf: Fix deadlock when freeing cgroup storage (CVE-2024-58088)
- kernel: acct: perform last write from workqueue (CVE-2025-21846)
- kernel: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() (CVE-2025-21861)
- kernel: io_uring: prevent opcode speculation (CVE-2025-21863)
- kernel: fbdev: hyperv_fb: Allow graceful removal of framebuffer (CVE-2025-21976)
- kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition (CVE-2025-22056)
- kernel: net: ppp: Add bound checking for skb data on ppp_sync_txmung (CVE-2025-37749)
- microcode_ctl: From CVEorg collector (CVE-2024-28956)
- kernel: usb: typec: ucsi: displayport: Fix NULL pointer access (CVE-2025-37994)
- kernel: wifi: ath12k: fix uaf in ath12k_core_init() (CVE-2025-38116)
- kernel: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (CVE-2025-38412)
- kernel: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (CVE-2025-38369)
- kernel: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (CVE-2025-38468)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-debug-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-64k-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-abi-stablelists"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-cross-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-debug-uki-virt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-modules-extra-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-64k-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-rt-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-tools-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-tools-libs-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-uki-virt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-uki-virt-addons"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-zfcpdump"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-zfcpdump-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-zfcpdump-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-zfcpdump-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-zfcpdump-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-zfcpdump-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "kernel-zfcpdump-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "libperf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "python3-perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "rtla"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:10",
"name": "rv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.12.0-124.8.1.el10_1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel packages contain the Linux kernel, the core of any Linux operating system. \n\nSecurity Fix(es): \n\n * kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241)\n * kernel: exfat: fix out-of-bounds access of directory entries (CVE-2024-53147)\n * kernel: zram: fix NULL pointer in comp_algorithm_show() (CVE-2024-53222)\n * kernel: nfsd: release svc_expkey/svc_export with rcu_work (CVE-2024-53216)\n * kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (CVE-2024-56662)\n * kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (CVE-2024-56675)\n * kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (CVE-2024-56690)\n * kernel: igb: Fix potential invalid memory access in igb_init_module() (CVE-2024-52332)\n * kernel: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (CVE-2024-57901)\n * kernel: af_packet: fix vlan_get_tci() vs MSG_PEEK (CVE-2024-57902)\n * kernel: io_uring/sqpoll: zero sqd-\u003ethread on tctx errors (CVE-2025-21633)\n * kernel: ipvlan: Fix use-after-free in ipvlan_get_iflink(). (CVE-2025-21652)\n * kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts (CVE-2025-21647)\n * kernel: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (CVE-2025-21655)\n * kernel: netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (CVE-2024-57941)\n * kernel: netfs: Fix ceph copy to cache on write-begin (CVE-2024-57942)\n * kernel: zram: fix potential UAF of zram table (CVE-2025-21671)\n * kernel: pktgen: Avoid out-of-bounds access in get_imix_entries (CVE-2025-21680)\n * kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug (CVE-2025-21693)\n * kernel: cachestat: fix page cache statistics permission checking (CVE-2025-21691)\n * kernel: mm: clear uffd-wp PTE/PMD state on mremap() (CVE-2025-21696)\n * kernel: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (CVE-2025-21702)\n * kernel: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (CVE-2025-21732)\n * kernel: NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795)\n * kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() (CVE-2024-54456)\n * kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() (CVE-2024-57987)\n * kernel: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014)\n * kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() (CVE-2024-57988)\n * kernel: drm/xe/tracing: Fix a potential TP_printk UAF (CVE-2024-49570)\n * kernel: media: intel/ipu6: remove cpu latency qos request on error (CVE-2024-58004)\n * kernel: usbnet: ipheth: use static NDP16 location in URB (CVE-2025-21742)\n * kernel: usbnet: ipheth: fix possible overflow in DPE length check (CVE-2025-21743)\n * kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links (CVE-2024-57989)\n * kernel: wifi: ath12k: Fix for out-of bound access error (CVE-2024-58015)\n * kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (CVE-2024-57995)\n * kernel: nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796)\n * kernel: workqueue: Put the pwq after detaching the rescuer from the pool (CVE-2025-21786)\n * kernel: tpm: Change to kvalloc() in eventlog/acpi.c (CVE-2024-58005)\n * kernel: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (CVE-2024-58013)\n * kernel: ring-buffer: Validate the persistent meta data subbuf array (CVE-2025-21777)\n * kernel: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (CVE-2025-21738)\n * kernel: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (CVE-2024-57986)\n * kernel: padata: avoid UAF for reorder_work (CVE-2025-21726)\n * kernel: vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791)\n * kernel: HID: multitouch: Add NULL check in mt_input_configured (CVE-2024-58020)\n * kernel: i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition (CVE-2024-57984)\n * kernel: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (CVE-2025-21761)\n * kernel: sched_ext: Fix incorrect autogroup migration detection (CVE-2025-21771)\n * kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981)\n * kernel: memcg: fix soft lockup in the OOM process (CVE-2024-57977)\n * kernel: vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790)\n * kernel: usbnet: ipheth: fix DPE OoB read (CVE-2025-21741)\n * kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785)\n * kernel: ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765)\n * kernel: PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (CVE-2024-58006)\n * kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (CVE-2024-58012)\n * kernel: wifi: brcmfmac: Check the return value of of_property_read_string_index() (CVE-2025-21750)\n * kernel: wifi: rtlwifi: remove unused check_buddy_priv (CVE-2024-58072)\n * kernel: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (CVE-2024-58069)\n * kernel: wifi: mac80211: prohibit deactivating all links (CVE-2024-58061)\n * kernel: idpf: convert workqueues to unbound (CVE-2024-58057)\n * kernel: wifi: mac80211: don\u0027t flush non-uploaded STAs (CVE-2025-21828)\n * kernel: netfilter: nf_tables: reject mismatching sum of field_len with set key length (CVE-2025-21826)\n * kernel: ASoC: soc-pcm: don\u0027t use soc_pcm_ret() on .prepare callback (CVE-2024-58077)\n * kernel: crypto: tegra - do not transfer req when tegra init fails (CVE-2024-58075)\n * kernel: io_uring/uring_cmd: unconditionally copy SQEs at prep time (CVE-2025-21837)\n * kernel: information leak via transient execution vulnerability in some AMD processors (CVE-2024-36350)\n * kernel: transient execution vulnerability in some AMD processors (CVE-2024-36357)\n * kernel: net/sched: cls_api: fix error handling causing NULL dereference (CVE-2025-21857)\n * kernel: bpf: Fix softlockup in arena_map_free on 64k page kernel (CVE-2025-21851)\n * kernel: ibmvnic: Don\u0027t reference skb after sending to VIOS (CVE-2025-21855)\n * kernel: smb: client: Add check for next_buffer in receive_encrypted_standard() (CVE-2025-21844)\n * kernel: bpf: avoid holding freeze_mutex during mmap operation (CVE-2025-21853)\n * kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (CVE-2025-21847)\n * kernel: tcp: drop secpath at the same time as we currently drop dst (CVE-2025-21864)\n * kernel: bpf: Fix deadlock when freeing cgroup storage (CVE-2024-58088)\n * kernel: acct: perform last write from workqueue (CVE-2025-21846)\n * kernel: mm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize() (CVE-2025-21861)\n * kernel: io_uring: prevent opcode speculation (CVE-2025-21863)\n * kernel: fbdev: hyperv_fb: Allow graceful removal of framebuffer (CVE-2025-21976)\n * kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition (CVE-2025-22056)\n * kernel: net: ppp: Add bound checking for skb data on ppp_sync_txmung (CVE-2025-37749)\n * microcode_ctl: From CVEorg collector (CVE-2024-28956)\n * kernel: usb: typec: ucsi: displayport: Fix NULL pointer access (CVE-2025-37994)\n * kernel: wifi: ath12k: fix uaf in ath12k_core_init() (CVE-2025-38116)\n * kernel: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (CVE-2025-38412)\n * kernel: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (CVE-2025-38369)\n * kernel: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (CVE-2025-38468)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. \n\nAdditional Changes: \n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.\n",
"id": "ALSA-2025:20095",
"modified": "2025-11-24T10:55:21Z",
"published": "2025-11-11T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2025:20095"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-28956"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-36350"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-36357"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-49570"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-52332"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-53147"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-53216"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-53222"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-53241"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-54456"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-56662"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-56675"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-56690"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57901"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57902"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57941"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57942"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57977"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57981"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57984"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57986"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57987"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57988"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57989"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-57995"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58004"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58005"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58006"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58012"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58013"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58014"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58015"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58020"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58057"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58061"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58069"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58072"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58075"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58077"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-58088"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21633"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21647"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21652"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21655"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21671"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21680"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21691"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21693"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21696"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21702"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21726"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21732"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21738"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21741"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21742"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21743"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21750"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21761"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21765"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21771"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21777"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21785"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21786"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21790"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21791"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21795"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21796"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21826"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21828"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21837"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21844"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21846"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21847"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21851"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21853"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21855"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21857"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21861"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21863"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21864"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-21976"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-22056"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-37749"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-37994"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-38116"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-38369"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-38412"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-38468"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331326"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2333985"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334373"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334415"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334547"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334548"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334676"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2337121"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338185"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338211"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338813"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338821"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338828"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338998"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2339130"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2339141"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2343172"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2343186"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2344684"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2344687"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2345240"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2346272"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348522"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348523"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348541"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348543"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348547"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348550"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348556"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348561"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348567"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348572"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348574"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348577"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348581"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348584"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348587"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348590"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348592"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348593"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348595"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348597"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348600"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348601"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348602"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348603"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348612"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348617"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348620"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348621"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348625"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348629"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348630"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348645"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348647"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348650"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348656"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350363"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350364"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350373"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350375"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350386"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350392"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350396"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350397"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350589"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350725"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350726"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351605"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351606"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351608"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351612"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351613"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351616"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351618"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351620"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351624"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351625"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351629"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2356664"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2360215"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2363332"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2366125"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2369184"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2376076"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2383398"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2383432"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2383913"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/10/ALSA-2025-20095.html"
}
],
"related": [
"CVE-2024-53241",
"CVE-2024-53147",
"CVE-2024-53222",
"CVE-2024-53216",
"CVE-2024-56662",
"CVE-2024-56675",
"CVE-2024-56690",
"CVE-2024-52332",
"CVE-2024-57901",
"CVE-2024-57902",
"CVE-2025-21633",
"CVE-2025-21652",
"CVE-2025-21647",
"CVE-2025-21655",
"CVE-2024-57941",
"CVE-2024-57942",
"CVE-2025-21671",
"CVE-2025-21680",
"CVE-2025-21693",
"CVE-2025-21691",
"CVE-2025-21696",
"CVE-2025-21702",
"CVE-2025-21732",
"CVE-2025-21795",
"CVE-2024-54456",
"CVE-2024-57987",
"CVE-2024-58014",
"CVE-2024-57988",
"CVE-2024-49570",
"CVE-2024-58004",
"CVE-2025-21742",
"CVE-2025-21743",
"CVE-2024-57989",
"CVE-2024-58015",
"CVE-2024-57995",
"CVE-2025-21796",
"CVE-2025-21786",
"CVE-2024-58005",
"CVE-2024-58013",
"CVE-2025-21777",
"CVE-2025-21738",
"CVE-2024-57986",
"CVE-2025-21726",
"CVE-2025-21791",
"CVE-2024-58020",
"CVE-2024-57984",
"CVE-2025-21761",
"CVE-2025-21771",
"CVE-2024-57981",
"CVE-2024-57977",
"CVE-2025-21790",
"CVE-2025-21741",
"CVE-2025-21785",
"CVE-2025-21765",
"CVE-2024-58006",
"CVE-2024-58012",
"CVE-2025-21750",
"CVE-2024-58072",
"CVE-2024-58069",
"CVE-2024-58061",
"CVE-2024-58057",
"CVE-2025-21828",
"CVE-2025-21826",
"CVE-2024-58077",
"CVE-2024-58075",
"CVE-2025-21837",
"CVE-2024-36350",
"CVE-2024-36357",
"CVE-2025-21857",
"CVE-2025-21851",
"CVE-2025-21855",
"CVE-2025-21844",
"CVE-2025-21853",
"CVE-2025-21847",
"CVE-2025-21864",
"CVE-2024-58088",
"CVE-2025-21846",
"CVE-2025-21861",
"CVE-2025-21863",
"CVE-2025-21976",
"CVE-2025-22056",
"CVE-2025-37749",
"CVE-2024-28956",
"CVE-2025-37994",
"CVE-2025-38116",
"CVE-2025-38412",
"CVE-2025-38369",
"CVE-2025-38468"
],
"summary": "Moderate: kernel security update"
}
GHSA-G8QJ-5WMW-7W59
Vulnerability from github – Published: 2025-02-27 03:34 – Updated: 2025-10-28 21:30
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
ring-buffer: Validate the persistent meta data subbuf array
The meta data for a mapped ring buffer contains an array of indexes of all the subbuffers. The first entry is the reader page, and the rest of the entries lay out the order of the subbuffers in how the ring buffer link list is to be created.
The validator currently makes sure that all the entries are within the range of 0 and nr_subbufs. But it does not check if there are any duplicates.
While working on the ring buffer, I corrupted this array, where I added duplicates. The validator did not catch it and created the ring buffer link list on top of it. Luckily, the corruption was only that the reader page was also in the writer path and only presented corrupted data but did not crash the kernel. But if there were duplicates in the writer side, then it could corrupt the ring buffer link list and cause a crash.
Create a bitmask array with the size of the number of subbuffers. Then clear it. When walking through the subbuf array checking to see if the entries are within the range, test if its bit is already set in the subbuf_mask. If it is, then there is duplicates and fail the validation. If not, set the corresponding bit and continue.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-21777"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-27T03:15:18Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Validate the persistent meta data subbuf array\n\nThe meta data for a mapped ring buffer contains an array of indexes of all\nthe subbuffers. The first entry is the reader page, and the rest of the\nentries lay out the order of the subbuffers in how the ring buffer link\nlist is to be created.\n\nThe validator currently makes sure that all the entries are within the\nrange of 0 and nr_subbufs. But it does not check if there are any\nduplicates.\n\nWhile working on the ring buffer, I corrupted this array, where I added\nduplicates. The validator did not catch it and created the ring buffer\nlink list on top of it. Luckily, the corruption was only that the reader\npage was also in the writer path and only presented corrupted data but did\nnot crash the kernel. But if there were duplicates in the writer side,\nthen it could corrupt the ring buffer link list and cause a crash.\n\nCreate a bitmask array with the size of the number of subbuffers. Then\nclear it. When walking through the subbuf array checking to see if the\nentries are within the range, test if its bit is already set in the\nsubbuf_mask. If it is, then there is duplicates and fail the validation.\nIf not, set the corresponding bit and continue.",
"id": "GHSA-g8qj-5wmw-7w59",
"modified": "2025-10-28T21:30:28Z",
"published": "2025-02-27T03:34:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21777"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0d547a6f5e8fad26ebc12f501d7d19fccdbad6bf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3ec743d558f111d8999aea24577ba66c65ee2eeb"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f5b95f1fa2ef3a03f49eeec658ba97e721412b32"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2025-21777
Vulnerability from fstec - Published: 14.02.2025
VLAI Severity ?
Title
Уязвимость компонента trace/ring_buffer.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость компонента trace/ring_buffer.c ядра операционной системы Linux связана с копированием буфера без проверки входных данных. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Severity ?
Vendor
ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Linux
Software Version
1.8 (Astra Linux Special Edition), от 6.12 до 6.12.16 (Linux), от 6.13 до 6.13.4 (Linux)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для Linux:
https://github.com/torvalds/linux/commit/f5b95f1fa2ef3a03f49eeec658ba97e721412b32
Для ОС Astra Linux:
обновить пакет linux-6.12 до 6.12.34-1.astra1+ci2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18
Reference
https://git.kernel.org/linus/f5b95f1fa2ef3a03f49eeec658ba97e721412b32
https://git.kernel.org/stable/c/0d547a6f5e8fad26ebc12f501d7d19fccdbad6bf
https://git.kernel.org/stable/c/3ec743d558f111d8999aea24577ba66c65ee2eeb
https://git.kernel.org/stable/c/f5b95f1fa2ef3a03f49eeec658ba97e721412b32
https://github.com/torvalds/linux/commit/f5b95f1fa2ef3a03f49eeec658ba97e721412b32
https://nvd.nist.gov/vuln/detail/CVE-2025-21777
https://security-tracker.debian.org/tracker/CVE-2025-21777
https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18
CWE
CWE-120
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.8 (Astra Linux Special Edition), \u043e\u0442 6.12 \u0434\u043e 6.12.16 (Linux), \u043e\u0442 6.13 \u0434\u043e 6.13.4 (Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://github.com/torvalds/linux/commit/f5b95f1fa2ef3a03f49eeec658ba97e721412b32\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-6.12 \u0434\u043e 6.12.34-1.astra1+ci2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.02.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.09.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.09.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-11843",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-21777",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Linux",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.12 \u0434\u043e 6.12.16 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.13 \u0434\u043e 6.13.4 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 trace/ring_buffer.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (\u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430) (CWE-120)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 trace/ring_buffer.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/linus/f5b95f1fa2ef3a03f49eeec658ba97e721412b32\nhttps://git.kernel.org/stable/c/0d547a6f5e8fad26ebc12f501d7d19fccdbad6bf\nhttps://git.kernel.org/stable/c/3ec743d558f111d8999aea24577ba66c65ee2eeb\nhttps://git.kernel.org/stable/c/f5b95f1fa2ef3a03f49eeec658ba97e721412b32\nhttps://github.com/torvalds/linux/commit/f5b95f1fa2ef3a03f49eeec658ba97e721412b32\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-21777\nhttps://security-tracker.debian.org/tracker/CVE-2025-21777\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-120",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…