Vulnerability-Lookup

CVE-2025-37907 (GCVE-0-2025-37907)

Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2025-05-26 05:23

Title

accel/ivpu: Fix locking order in ivpu_job_submit

Summary

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix locking order in ivpu_job_submit Fix deadlock in job submission and abort handling. When a thread aborts currently executing jobs due to a fault, it first locks the global lock protecting submitted_jobs (#1). After the last job is destroyed, it proceeds to release the related context and locks file_priv (#2). Meanwhile, in the job submission thread, the file_priv lock (#2) is taken first, and then the submitted_jobs lock (#1) is obtained when a job is added to the submitted jobs list. CPU0 CPU1 ---- ---- (for example due to a fault) (jobs submissions keep coming) lock(&vdev->submitted_jobs_lock) #1 ivpu_jobs_abort_all() job_destroy() lock(&file_priv->lock) #2 lock(&vdev->submitted_jobs_lock) #1 file_priv_release() lock(&vdev->context_list_lock) lock(&file_priv->lock) #2 This order of locking causes a deadlock. To resolve this issue, change the order of locking in ivpu_job_submit().

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

FKIE_CVE-2025-37907

Vulnerability from fkie_nvd - Published: 2025-05-20 16:15 - Updated: 2025-11-17 15:02

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/079d2622f8c9e0c380149645fff21d35c59ce6ff	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ab680dc6c78aa035e944ecc8c48a1caab9f39924	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/b9b70924a272c2d72023306bc56f521c056212ee	Patch

Impacted products

	Vendor	Product	Version
	linux	linux_kernel	*
	linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4826B58-ADBE-480C-AF76-92BDA681D085",
              "versionEndExcluding": "6.12.28",
              "versionStartIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19E5095E-5950-43EA-8E78-FC860855293F",
              "versionEndExcluding": "6.14.6",
              "versionStartIncluding": "6.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix locking order in ivpu_job_submit\n\nFix deadlock in job submission and abort handling.\nWhen a thread aborts currently executing jobs due to a fault,\nit first locks the global lock protecting submitted_jobs (#1).\n\nAfter the last job is destroyed, it proceeds to release the related context\nand locks file_priv (#2). Meanwhile, in the job submission thread,\nthe file_priv lock (#2) is taken first, and then the submitted_jobs\nlock (#1) is obtained when a job is added to the submitted jobs list.\n\n       CPU0                            CPU1\n       ----                    \t       ----\n  (for example due to a fault)         (jobs submissions keep coming)\n\n  lock(\u0026vdev-\u003esubmitted_jobs_lock) #1\n  ivpu_jobs_abort_all()\n  job_destroy()\n                                      lock(\u0026file_priv-\u003elock)           #2\n                                      lock(\u0026vdev-\u003esubmitted_jobs_lock) #1\n  file_priv_release()\n  lock(\u0026vdev-\u003econtext_list_lock)\n  lock(\u0026file_priv-\u003elock)           #2\n\nThis order of locking causes a deadlock. To resolve this issue,\nchange the order of locking in ivpu_job_submit()."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: accel/ivpu: Se corrige el orden de bloqueo en ivpu_job_submit. Se corrige el bloqueo en el env\u00edo de trabajos y la gesti\u00f3n de abortos. Cuando un hilo cancela trabajos en ejecuci\u00f3n debido a un fallo, primero bloquea el bloqueo global que protege submit_jobs (#1). Tras la destrucci\u00f3n del \u00faltimo trabajo, libera el contexto relacionado y bloquea file_priv (#2). Mientras tanto, en el hilo de env\u00edo de trabajos, primero se obtiene el bloqueo file_priv (#2) y, a continuaci\u00f3n, el bloqueo submit_jobs (#1) al a\u00f1adir un trabajo a la lista de trabajos enviados. CPU0 CPU1 ---- ---- (por ejemplo, debido a un fallo) (los env\u00edos de trabajos siguen llegando) lock(\u0026amp;vdev-\u0026gt;submitted_jobs_lock) #1 ivpu_jobs_abort_all() job_destroy() lock(\u0026amp;file_priv-\u0026gt;lock) #2 lock(\u0026amp;vdev-\u0026gt;submitted_jobs_lock) #1 file_priv_release() lock(\u0026amp;vdev-\u0026gt;context_list_lock) lock(\u0026amp;file_priv-\u0026gt;lock) #2 Este orden de bloqueo provoca un interbloqueo. Para solucionar este problema, cambie el orden de bloqueo en ivpu_job_submit()."
    }
  ],
  "id": "CVE-2025-37907",
  "lastModified": "2025-11-17T15:02:38.810",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-05-20T16:15:27.177",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/079d2622f8c9e0c380149645fff21d35c59ce6ff"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ab680dc6c78aa035e944ecc8c48a1caab9f39924"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/b9b70924a272c2d72023306bc56f521c056212ee"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2025-37907

Vulnerability from fstec - Published: 09.01.2025

Title

Уязвимость компонента accel/ivpu ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость компонента accel/ivpu ядра операционной системы Linux связана с ошибками при блокировке потоков. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Linux

Software Version

1.8 (Astra Linux Special Edition), от 6.13 до 6.14.6 (Linux), от 6.3 до 6.12.28 (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://github.com/torvalds/linux/commit/ab680dc6c78aa035e944ecc8c48a1caab9f39924 Для ОС Astra Linux: обновить пакет linux-6.12 до 6.12.34-1.astra1+ci2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18

Reference

https://git.kernel.org/linus/ab680dc6c78aa035e944ecc8c48a1caab9f39924 https://git.kernel.org/stable/c/079d2622f8c9e0c380149645fff21d35c59ce6ff https://git.kernel.org/stable/c/ab680dc6c78aa035e944ecc8c48a1caab9f39924 https://git.kernel.org/stable/c/b9b70924a272c2d72023306bc56f521c056212ee https://github.com/torvalds/linux/commit/ab680dc6c78aa035e944ecc8c48a1caab9f39924 https://nvd.nist.gov/vuln/detail/CVE-2025-37907 https://security-tracker.debian.org/tracker/CVE-2025-37907 https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18

CWE

CWE-833

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:H/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.8 (Astra Linux Special Edition), \u043e\u0442 6.13 \u0434\u043e 6.14.6 (Linux), \u043e\u0442 6.3 \u0434\u043e 6.12.28 (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://github.com/torvalds/linux/commit/ab680dc6c78aa035e944ecc8c48a1caab9f39924\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 linux-6.12 \u0434\u043e 6.12.34-1.astra1+ci2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.01.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.09.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "29.09.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-12337",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-37907",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.13 \u0434\u043e 6.14.6 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.3 \u0434\u043e 6.12.28 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 accel/ivpu \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u0432\u0438\u0441\u0430\u043d\u0438\u0435 (CWE-833)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 accel/ivpu \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0435 \u043f\u043e\u0442\u043e\u043a\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/linus/ab680dc6c78aa035e944ecc8c48a1caab9f39924\nhttps://git.kernel.org/stable/c/079d2622f8c9e0c380149645fff21d35c59ce6ff\nhttps://git.kernel.org/stable/c/ab680dc6c78aa035e944ecc8c48a1caab9f39924\nhttps://git.kernel.org/stable/c/b9b70924a272c2d72023306bc56f521c056212ee\nhttps://github.com/torvalds/linux/commit/ab680dc6c78aa035e944ecc8c48a1caab9f39924\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-37907\nhttps://security-tracker.debian.org/tracker/CVE-2025-37907\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-833",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 3,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,7)"
}

GHSA-73J2-7869-745F

Vulnerability from github – Published: 2025-05-20 18:30 – Updated: 2025-11-17 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Fix locking order in ivpu_job_submit

Fix deadlock in job submission and abort handling. When a thread aborts currently executing jobs due to a fault, it first locks the global lock protecting submitted_jobs (#1).

After the last job is destroyed, it proceeds to release the related context and locks file_priv (#2). Meanwhile, in the job submission thread, the file_priv lock (#2) is taken first, and then the submitted_jobs lock (#1) is obtained when a job is added to the submitted jobs list.

   CPU0                            CPU1
   ----                            ----

(for example due to a fault) (jobs submissions keep coming)

lock(&vdev->submitted_jobs_lock) #1 ivpu_jobs_abort_all() job_destroy() lock(&file_priv->lock) #2 lock(&vdev->submitted_jobs_lock) #1 file_priv_release() lock(&vdev->context_list_lock) lock(&file_priv->lock) #2

This order of locking causes a deadlock. To resolve this issue, change the order of locking in ivpu_job_submit().

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-37907"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-667"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-20T16:15:27Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix locking order in ivpu_job_submit\n\nFix deadlock in job submission and abort handling.\nWhen a thread aborts currently executing jobs due to a fault,\nit first locks the global lock protecting submitted_jobs (#1).\n\nAfter the last job is destroyed, it proceeds to release the related context\nand locks file_priv (#2). Meanwhile, in the job submission thread,\nthe file_priv lock (#2) is taken first, and then the submitted_jobs\nlock (#1) is obtained when a job is added to the submitted jobs list.\n\n       CPU0                            CPU1\n       ----                    \t       ----\n  (for example due to a fault)         (jobs submissions keep coming)\n\n  lock(\u0026vdev-\u003esubmitted_jobs_lock) #1\n  ivpu_jobs_abort_all()\n  job_destroy()\n                                      lock(\u0026file_priv-\u003elock)           #2\n                                      lock(\u0026vdev-\u003esubmitted_jobs_lock) #1\n  file_priv_release()\n  lock(\u0026vdev-\u003econtext_list_lock)\n  lock(\u0026file_priv-\u003elock)           #2\n\nThis order of locking causes a deadlock. To resolve this issue,\nchange the order of locking in ivpu_job_submit().",
  "id": "GHSA-73j2-7869-745f",
  "modified": "2025-11-17T15:30:31Z",
  "published": "2025-05-20T18:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37907"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/079d2622f8c9e0c380149645fff21d35c59ce6ff"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ab680dc6c78aa035e944ecc8c48a1caab9f39924"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b9b70924a272c2d72023306bc56f521c056212ee"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2025-AVI-0625

Vulnerability from certfr_avis - Published: 2025-07-25 - Updated: 2025-07-25

De multiples vulnérabilités ont été découvertes dans Ubuntu Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 20.04 ESM
Ubuntu	Ubuntu	Ubuntu 24.04 LTS
Ubuntu	Ubuntu	Ubuntu 25.04
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-7651-5	2025-07-24	vendor-advisory
Bulletin de sécurité Ubuntu USN-7651-6	2025-07-24	vendor-advisory
Bulletin de sécurité Ubuntu USN-7654-3	2025-07-18	vendor-advisory
Bulletin de sécurité Ubuntu USN-7611-4	2025-07-21	vendor-advisory
Bulletin de sécurité Ubuntu USN-7665-2	2025-07-24	vendor-advisory
Bulletin de sécurité Ubuntu USN-7651-3	2025-07-22	vendor-advisory
Bulletin de sécurité Ubuntu USN-7649-2	2025-07-22	vendor-advisory
Bulletin de sécurité Ubuntu USN-7665-1	2025-07-22	vendor-advisory
Bulletin de sécurité Ubuntu USN-7654-2	2025-07-18	vendor-advisory
Bulletin de sécurité Ubuntu USN-7655-1	2025-07-18	vendor-advisory
Bulletin de sécurité Ubuntu USN-7654-4	2025-07-22	vendor-advisory
Bulletin de sécurité Ubuntu USN-7651-2	2025-07-18	vendor-advisory
Bulletin de sécurité Ubuntu USN-7651-4	2025-07-22	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 20.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 25.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-26686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
    },
    {
      "name": "CVE-2023-52572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
    },
    {
      "name": "CVE-2024-26739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
    },
    {
      "name": "CVE-2023-52757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
    },
    {
      "name": "CVE-2024-35866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2024-35943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
    },
    {
      "name": "CVE-2024-35790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2024-36908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
    },
    {
      "name": "CVE-2024-27402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
    },
    {
      "name": "CVE-2024-42230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
    },
    {
      "name": "CVE-2022-48893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
    },
    {
      "name": "CVE-2024-42322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
    },
    {
      "name": "CVE-2024-46812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
    },
    {
      "name": "CVE-2024-46821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
    },
    {
      "name": "CVE-2024-46751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
    },
    {
      "name": "CVE-2024-46753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
    },
    {
      "name": "CVE-2024-46774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
    },
    {
      "name": "CVE-2024-46787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
    },
    {
      "name": "CVE-2024-46816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
    },
    {
      "name": "CVE-2024-49960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
    },
    {
      "name": "CVE-2024-50047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
    },
    {
      "name": "CVE-2024-50272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
    },
    {
      "name": "CVE-2024-50280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
    },
    {
      "name": "CVE-2024-49989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
    },
    {
      "name": "CVE-2024-50125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
    },
    {
      "name": "CVE-2024-53051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
    },
    {
      "name": "CVE-2024-53144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
    },
    {
      "name": "CVE-2024-8805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
    },
    {
      "name": "CVE-2024-56551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56551"
    },
    {
      "name": "CVE-2024-53168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
    },
    {
      "name": "CVE-2024-56664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
    },
    {
      "name": "CVE-2024-50258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
    },
    {
      "name": "CVE-2024-53203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
    },
    {
      "name": "CVE-2024-56608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56608"
    },
    {
      "name": "CVE-2024-53128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
    },
    {
      "name": "CVE-2024-49887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
    },
    {
      "name": "CVE-2024-56751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
    },
    {
      "name": "CVE-2024-57979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
    },
    {
      "name": "CVE-2024-57994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
    },
    {
      "name": "CVE-2025-21705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
    },
    {
      "name": "CVE-2025-21715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
    },
    {
      "name": "CVE-2025-21716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
    },
    {
      "name": "CVE-2025-21719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
    },
    {
      "name": "CVE-2025-21724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
    },
    {
      "name": "CVE-2025-21725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
    },
    {
      "name": "CVE-2025-21728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
    },
    {
      "name": "CVE-2025-21733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
    },
    {
      "name": "CVE-2025-21753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
    },
    {
      "name": "CVE-2025-21754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
    },
    {
      "name": "CVE-2025-21799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
    },
    {
      "name": "CVE-2025-21802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
    },
    {
      "name": "CVE-2022-49063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
    },
    {
      "name": "CVE-2022-49535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
    },
    {
      "name": "CVE-2024-57996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
    },
    {
      "name": "CVE-2024-58014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
    },
    {
      "name": "CVE-2025-21718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
    },
    {
      "name": "CVE-2024-54458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
    },
    {
      "name": "CVE-2024-57973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
    },
    {
      "name": "CVE-2024-57980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
    },
    {
      "name": "CVE-2024-57981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
    },
    {
      "name": "CVE-2024-57986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
    },
    {
      "name": "CVE-2024-57993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
    },
    {
      "name": "CVE-2024-57997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
    },
    {
      "name": "CVE-2024-57998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
    },
    {
      "name": "CVE-2024-58001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
    },
    {
      "name": "CVE-2024-58007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
    },
    {
      "name": "CVE-2024-58010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
    },
    {
      "name": "CVE-2024-58011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
    },
    {
      "name": "CVE-2024-58013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
    },
    {
      "name": "CVE-2024-58016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
    },
    {
      "name": "CVE-2024-58017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
    },
    {
      "name": "CVE-2024-58034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
    },
    {
      "name": "CVE-2024-58051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
    },
    {
      "name": "CVE-2024-58052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
    },
    {
      "name": "CVE-2024-58054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
    },
    {
      "name": "CVE-2024-58055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
    },
    {
      "name": "CVE-2024-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
    },
    {
      "name": "CVE-2024-58058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
    },
    {
      "name": "CVE-2024-58061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
    },
    {
      "name": "CVE-2024-58063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
    },
    {
      "name": "CVE-2024-58068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
    },
    {
      "name": "CVE-2024-58069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
    },
    {
      "name": "CVE-2024-58071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
    },
    {
      "name": "CVE-2024-58072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
    },
    {
      "name": "CVE-2024-58076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
    },
    {
      "name": "CVE-2024-58077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
    },
    {
      "name": "CVE-2024-58080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
    },
    {
      "name": "CVE-2024-58083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
    },
    {
      "name": "CVE-2024-58085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
    },
    {
      "name": "CVE-2025-21707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
    },
    {
      "name": "CVE-2025-21708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
    },
    {
      "name": "CVE-2025-21711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
    },
    {
      "name": "CVE-2025-21722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
    },
    {
      "name": "CVE-2025-21726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
    },
    {
      "name": "CVE-2025-21727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
    },
    {
      "name": "CVE-2025-21731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
    },
    {
      "name": "CVE-2025-21734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
    },
    {
      "name": "CVE-2025-21735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
    },
    {
      "name": "CVE-2025-21736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
    },
    {
      "name": "CVE-2025-21738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
    },
    {
      "name": "CVE-2025-21744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
    },
    {
      "name": "CVE-2025-21745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
    },
    {
      "name": "CVE-2025-21748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
    },
    {
      "name": "CVE-2025-21749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
    },
    {
      "name": "CVE-2025-21750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
    },
    {
      "name": "CVE-2025-21804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
    },
    {
      "name": "CVE-2025-21806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
    },
    {
      "name": "CVE-2025-21811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
    },
    {
      "name": "CVE-2025-21812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
    },
    {
      "name": "CVE-2025-21814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
    },
    {
      "name": "CVE-2025-21820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
    },
    {
      "name": "CVE-2025-21826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
    },
    {
      "name": "CVE-2025-21829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
    },
    {
      "name": "CVE-2025-21830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
    },
    {
      "name": "CVE-2025-21832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
    },
    {
      "name": "CVE-2024-57974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
    },
    {
      "name": "CVE-2024-57990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
    },
    {
      "name": "CVE-2024-57999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
    },
    {
      "name": "CVE-2024-58002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
    },
    {
      "name": "CVE-2024-58005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
    },
    {
      "name": "CVE-2024-58006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
    },
    {
      "name": "CVE-2024-58019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
    },
    {
      "name": "CVE-2024-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
    },
    {
      "name": "CVE-2024-58078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
    },
    {
      "name": "CVE-2024-58079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
    },
    {
      "name": "CVE-2025-21714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
    },
    {
      "name": "CVE-2025-21723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
    },
    {
      "name": "CVE-2025-21732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
    },
    {
      "name": "CVE-2025-21739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
    },
    {
      "name": "CVE-2025-21741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
    },
    {
      "name": "CVE-2025-21742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
    },
    {
      "name": "CVE-2025-21743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
    },
    {
      "name": "CVE-2025-21810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
    },
    {
      "name": "CVE-2025-21815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
    },
    {
      "name": "CVE-2025-21825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
    },
    {
      "name": "CVE-2025-21828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
    },
    {
      "name": "CVE-2025-21839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
    },
    {
      "name": "CVE-2025-21721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
    },
    {
      "name": "CVE-2025-21941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
    },
    {
      "name": "CVE-2025-21956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
    },
    {
      "name": "CVE-2025-21957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
    },
    {
      "name": "CVE-2025-21959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
    },
    {
      "name": "CVE-2025-21962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
    },
    {
      "name": "CVE-2025-21963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
    },
    {
      "name": "CVE-2025-21964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
    },
    {
      "name": "CVE-2025-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
    },
    {
      "name": "CVE-2025-21970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
    },
    {
      "name": "CVE-2025-21975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
    },
    {
      "name": "CVE-2025-21981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
    },
    {
      "name": "CVE-2025-21991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
    },
    {
      "name": "CVE-2025-21992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
    },
    {
      "name": "CVE-2025-21994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
    },
    {
      "name": "CVE-2025-21996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
    },
    {
      "name": "CVE-2025-21999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
    },
    {
      "name": "CVE-2025-22004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
    },
    {
      "name": "CVE-2025-22005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
    },
    {
      "name": "CVE-2025-22007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
    },
    {
      "name": "CVE-2025-22008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
    },
    {
      "name": "CVE-2025-22010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
    },
    {
      "name": "CVE-2025-22014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
    },
    {
      "name": "CVE-2025-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
    },
    {
      "name": "CVE-2023-53034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
    },
    {
      "name": "CVE-2024-46742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
    },
    {
      "name": "CVE-2025-21853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
    },
    {
      "name": "CVE-2025-22025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
    },
    {
      "name": "CVE-2025-22027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
    },
    {
      "name": "CVE-2025-22035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
    },
    {
      "name": "CVE-2025-22044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
    },
    {
      "name": "CVE-2025-22045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
    },
    {
      "name": "CVE-2025-22050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
    },
    {
      "name": "CVE-2025-22054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
    },
    {
      "name": "CVE-2025-22055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
    },
    {
      "name": "CVE-2025-22056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
    },
    {
      "name": "CVE-2025-22060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
    },
    {
      "name": "CVE-2025-22063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
    },
    {
      "name": "CVE-2025-22066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
    },
    {
      "name": "CVE-2025-22071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
    },
    {
      "name": "CVE-2025-22073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
    },
    {
      "name": "CVE-2025-22075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
    },
    {
      "name": "CVE-2025-22079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
    },
    {
      "name": "CVE-2025-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
    },
    {
      "name": "CVE-2025-22086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
    },
    {
      "name": "CVE-2025-22089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
    },
    {
      "name": "CVE-2025-22097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
    },
    {
      "name": "CVE-2025-23136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
    },
    {
      "name": "CVE-2025-23138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
    },
    {
      "name": "CVE-2025-37785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
    },
    {
      "name": "CVE-2025-37838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
    },
    {
      "name": "CVE-2025-38152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
    },
    {
      "name": "CVE-2025-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
    },
    {
      "name": "CVE-2025-38637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
    },
    {
      "name": "CVE-2025-39728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
    },
    {
      "name": "CVE-2025-39735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
    },
    {
      "name": "CVE-2024-58081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
    },
    {
      "name": "CVE-2022-49728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
    },
    {
      "name": "CVE-2024-58018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
    },
    {
      "name": "CVE-2024-58070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
    },
    {
      "name": "CVE-2024-58093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
    },
    {
      "name": "CVE-2025-21808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
    },
    {
      "name": "CVE-2025-22018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
    },
    {
      "name": "CVE-2025-22020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
    },
    {
      "name": "CVE-2025-22062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
    },
    {
      "name": "CVE-2025-23145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
    },
    {
      "name": "CVE-2025-37798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
    },
    {
      "name": "CVE-2025-37749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
    },
    {
      "name": "CVE-2025-22021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
    },
    {
      "name": "CVE-2025-23140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
    },
    {
      "name": "CVE-2025-23142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
    },
    {
      "name": "CVE-2025-23144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
    },
    {
      "name": "CVE-2025-23146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
    },
    {
      "name": "CVE-2025-23147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
    },
    {
      "name": "CVE-2025-23148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
    },
    {
      "name": "CVE-2025-23150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
    },
    {
      "name": "CVE-2025-23151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
    },
    {
      "name": "CVE-2025-23156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
    },
    {
      "name": "CVE-2025-23157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
    },
    {
      "name": "CVE-2025-23158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
    },
    {
      "name": "CVE-2025-23159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
    },
    {
      "name": "CVE-2025-23161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
    },
    {
      "name": "CVE-2025-23163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
    },
    {
      "name": "CVE-2025-37738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
    },
    {
      "name": "CVE-2025-37739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
    },
    {
      "name": "CVE-2025-37740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
    },
    {
      "name": "CVE-2025-37741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
    },
    {
      "name": "CVE-2025-37742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
    },
    {
      "name": "CVE-2025-37756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
    },
    {
      "name": "CVE-2025-37757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
    },
    {
      "name": "CVE-2025-37758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
    },
    {
      "name": "CVE-2025-37765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
    },
    {
      "name": "CVE-2025-37766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
    },
    {
      "name": "CVE-2025-37767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
    },
    {
      "name": "CVE-2025-37768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
    },
    {
      "name": "CVE-2025-37770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
    },
    {
      "name": "CVE-2025-37771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
    },
    {
      "name": "CVE-2025-37773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
    },
    {
      "name": "CVE-2025-37780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
    },
    {
      "name": "CVE-2025-37781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
    },
    {
      "name": "CVE-2025-37787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
    },
    {
      "name": "CVE-2025-37788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
    },
    {
      "name": "CVE-2025-37789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
    },
    {
      "name": "CVE-2025-37790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
    },
    {
      "name": "CVE-2025-37792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
    },
    {
      "name": "CVE-2025-37794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
    },
    {
      "name": "CVE-2025-37796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
    },
    {
      "name": "CVE-2025-37797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
    },
    {
      "name": "CVE-2025-37803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
    },
    {
      "name": "CVE-2025-37805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
    },
    {
      "name": "CVE-2025-37808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
    },
    {
      "name": "CVE-2025-37810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
    },
    {
      "name": "CVE-2025-37811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
    },
    {
      "name": "CVE-2025-37812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
    },
    {
      "name": "CVE-2025-37817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
    },
    {
      "name": "CVE-2025-37823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
    },
    {
      "name": "CVE-2025-37824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
    },
    {
      "name": "CVE-2025-37829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
    },
    {
      "name": "CVE-2025-37830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
    },
    {
      "name": "CVE-2025-37836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
    },
    {
      "name": "CVE-2025-37839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
    },
    {
      "name": "CVE-2025-37840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
    },
    {
      "name": "CVE-2025-37841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
    },
    {
      "name": "CVE-2025-37844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
    },
    {
      "name": "CVE-2025-37850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
    },
    {
      "name": "CVE-2025-37851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
    },
    {
      "name": "CVE-2025-37857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
    },
    {
      "name": "CVE-2025-37858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
    },
    {
      "name": "CVE-2025-37859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
    },
    {
      "name": "CVE-2025-37862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
    },
    {
      "name": "CVE-2025-37867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
    },
    {
      "name": "CVE-2025-37871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
    },
    {
      "name": "CVE-2025-37875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
    },
    {
      "name": "CVE-2025-37881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
    },
    {
      "name": "CVE-2025-37883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
    },
    {
      "name": "CVE-2025-37885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
    },
    {
      "name": "CVE-2025-37889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
    },
    {
      "name": "CVE-2025-37892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
    },
    {
      "name": "CVE-2025-37937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
    },
    {
      "name": "CVE-2025-37940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
    },
    {
      "name": "CVE-2025-37982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
    },
    {
      "name": "CVE-2025-37983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
    },
    {
      "name": "CVE-2025-37985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
    },
    {
      "name": "CVE-2025-37989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
    },
    {
      "name": "CVE-2025-37819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
    },
    {
      "name": "CVE-2025-37890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
    },
    {
      "name": "CVE-2025-37897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37897"
    },
    {
      "name": "CVE-2025-37901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37901"
    },
    {
      "name": "CVE-2025-37903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37903"
    },
    {
      "name": "CVE-2025-37905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
    },
    {
      "name": "CVE-2025-37909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
    },
    {
      "name": "CVE-2025-37911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
    },
    {
      "name": "CVE-2025-37912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
    },
    {
      "name": "CVE-2025-37913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
    },
    {
      "name": "CVE-2025-37914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
    },
    {
      "name": "CVE-2025-37915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
    },
    {
      "name": "CVE-2025-37917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37917"
    },
    {
      "name": "CVE-2025-37921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37921"
    },
    {
      "name": "CVE-2025-37923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
    },
    {
      "name": "CVE-2025-37924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37924"
    },
    {
      "name": "CVE-2025-37927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
    },
    {
      "name": "CVE-2025-37928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37928"
    },
    {
      "name": "CVE-2025-37929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37929"
    },
    {
      "name": "CVE-2025-37930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
    },
    {
      "name": "CVE-2025-37932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
    },
    {
      "name": "CVE-2025-37936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37936"
    },
    {
      "name": "CVE-2025-37949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
    },
    {
      "name": "CVE-2025-37964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
    },
    {
      "name": "CVE-2025-37967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
    },
    {
      "name": "CVE-2025-37969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
    },
    {
      "name": "CVE-2025-37970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
    },
    {
      "name": "CVE-2025-37990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
    },
    {
      "name": "CVE-2025-37991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
    },
    {
      "name": "CVE-2025-37750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
    },
    {
      "name": "CVE-2025-37974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
    },
    {
      "name": "CVE-2022-49168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
    },
    {
      "name": "CVE-2025-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37891"
    },
    {
      "name": "CVE-2025-37900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37900"
    },
    {
      "name": "CVE-2025-37918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37918"
    },
    {
      "name": "CVE-2025-37931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37931"
    },
    {
      "name": "CVE-2025-37933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37933"
    },
    {
      "name": "CVE-2025-37998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
    },
    {
      "name": "CVE-2022-49636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
    },
    {
      "name": "CVE-2025-37997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
    },
    {
      "name": "CVE-2025-38000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
    },
    {
      "name": "CVE-2025-38001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
    },
    {
      "name": "CVE-2024-57982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
    },
    {
      "name": "CVE-2024-58053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
    },
    {
      "name": "CVE-2025-21720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
    },
    {
      "name": "CVE-2025-37934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37934"
    },
    {
      "name": "CVE-2025-37946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37946"
    },
    {
      "name": "CVE-2025-37992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
    },
    {
      "name": "CVE-2025-37994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
    },
    {
      "name": "CVE-2025-37995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
    },
    {
      "name": "CVE-2025-38005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
    },
    {
      "name": "CVE-2025-38009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
    },
    {
      "name": "CVE-2025-38023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
    },
    {
      "name": "CVE-2025-38024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
    },
    {
      "name": "CVE-2022-21546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
    },
    {
      "name": "CVE-2025-38177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
    },
    {
      "name": "CVE-2024-57953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
    },
    {
      "name": "CVE-2024-57975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
    },
    {
      "name": "CVE-2024-57984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57984"
    },
    {
      "name": "CVE-2024-58003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
    },
    {
      "name": "CVE-2024-58082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
    },
    {
      "name": "CVE-2025-21710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
    },
    {
      "name": "CVE-2025-21798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
    },
    {
      "name": "CVE-2025-21801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
    },
    {
      "name": "CVE-2025-21809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
    },
    {
      "name": "CVE-2025-21816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
    },
    {
      "name": "CVE-2025-37894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37894"
    },
    {
      "name": "CVE-2025-37895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37895"
    },
    {
      "name": "CVE-2025-37896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37896"
    },
    {
      "name": "CVE-2025-37898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37898"
    },
    {
      "name": "CVE-2025-37899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37899"
    },
    {
      "name": "CVE-2025-37904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37904"
    },
    {
      "name": "CVE-2025-37906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37906"
    },
    {
      "name": "CVE-2025-37907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37907"
    },
    {
      "name": "CVE-2025-37908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37908"
    },
    {
      "name": "CVE-2025-37910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37910"
    },
    {
      "name": "CVE-2025-37916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37916"
    },
    {
      "name": "CVE-2025-37919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37919"
    },
    {
      "name": "CVE-2025-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37920"
    },
    {
      "name": "CVE-2025-37922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37922"
    },
    {
      "name": "CVE-2025-37926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37926"
    },
    {
      "name": "CVE-2025-37935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37935"
    },
    {
      "name": "CVE-2025-38094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
    },
    {
      "name": "CVE-2025-38216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38216"
    }
  ],
  "initial_release_date": "2025-07-25T00:00:00",
  "last_revision_date": "2025-07-25T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0625",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Ubuntu Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2025-07-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-5",
      "url": "https://ubuntu.com/security/notices/USN-7651-5"
    },
    {
      "published_at": "2025-07-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-6",
      "url": "https://ubuntu.com/security/notices/USN-7651-6"
    },
    {
      "published_at": "2025-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-3",
      "url": "https://ubuntu.com/security/notices/USN-7654-3"
    },
    {
      "published_at": "2025-07-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7611-4",
      "url": "https://ubuntu.com/security/notices/USN-7611-4"
    },
    {
      "published_at": "2025-07-24",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7665-2",
      "url": "https://ubuntu.com/security/notices/USN-7665-2"
    },
    {
      "published_at": "2025-07-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-3",
      "url": "https://ubuntu.com/security/notices/USN-7651-3"
    },
    {
      "published_at": "2025-07-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7649-2",
      "url": "https://ubuntu.com/security/notices/USN-7649-2"
    },
    {
      "published_at": "2025-07-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7665-1",
      "url": "https://ubuntu.com/security/notices/USN-7665-1"
    },
    {
      "published_at": "2025-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-2",
      "url": "https://ubuntu.com/security/notices/USN-7654-2"
    },
    {
      "published_at": "2025-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7655-1",
      "url": "https://ubuntu.com/security/notices/USN-7655-1"
    },
    {
      "published_at": "2025-07-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-4",
      "url": "https://ubuntu.com/security/notices/USN-7654-4"
    },
    {
      "published_at": "2025-07-18",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-2",
      "url": "https://ubuntu.com/security/notices/USN-7651-2"
    },
    {
      "published_at": "2025-07-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-4",
      "url": "https://ubuntu.com/security/notices/USN-7651-4"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-37907 (GCVE-0-2025-37907)

FKIE_CVE-2025-37907

CVE-2025-37907

GHSA-73J2-7869-745F

CERTFR-2025-AVI-0625

Solutions

Tags

Sightings

Nomenclature