Vulnerability-Lookup

CVE-2025-40028 (GCVE-0-2025-40028)

Vulnerability from cvelistv5 – Published: 2025-10-28 09:32 – Updated: 2025-12-01 06:16

Title

binder: fix double-free in dbitmap

Summary

In the Linux kernel, the following vulnerability has been resolved: binder: fix double-free in dbitmap A process might fail to allocate a new bitmap when trying to expand its proc->dmap. In that case, dbitmap_grow() fails and frees the old bitmap via dbitmap_free(). However, the driver calls dbitmap_free() again when the same process terminates, leading to a double-free error: ================================================================== BUG: KASAN: double-free in binder_proc_dec_tmpref+0x2e0/0x55c Free of addr ffff00000b7c1420 by task kworker/9:1/209 CPU: 9 UID: 0 PID: 209 Comm: kworker/9:1 Not tainted 6.17.0-rc6-dirty #5 PREEMPT Hardware name: linux,dummy-virt (DT) Workqueue: events binder_deferred_func Call trace: kfree+0x164/0x31c binder_proc_dec_tmpref+0x2e0/0x55c binder_deferred_func+0xc24/0x1120 process_one_work+0x520/0xba4 [...] Allocated by task 448: __kmalloc_noprof+0x178/0x3c0 bitmap_zalloc+0x24/0x30 binder_open+0x14c/0xc10 [...] Freed by task 449: kfree+0x184/0x31c binder_inc_ref_for_node+0xb44/0xe44 binder_transaction+0x29b4/0x7fbc binder_thread_write+0x1708/0x442c binder_ioctl+0x1b50/0x2900 [...] ================================================================== Fix this issue by marking proc->map NULL in dbitmap_free().

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/c301ec61ce6f16e21…
	https://git.kernel.org/stable/c/0390633979969c54c…
	https://git.kernel.org/stable/c/b781e5635a3398e2b…
	https://git.kernel.org/stable/c/3ebcd3460cad351f1…

Impacted products

Vendor

Product

Version

Linux

Affected: 15d9da3f818cae676f822a04407d3c17b53357d2 , < c301ec61ce6f16e21a36b99225ca8a20c1591e10 (git)
Affected: 15d9da3f818cae676f822a04407d3c17b53357d2 , < 0390633979969c54c0ce6a198d6f45cdbe2c84b1 (git)
Affected: 15d9da3f818cae676f822a04407d3c17b53357d2 , < b781e5635a3398e2b64440371233c2c5102cd6cb (git)
Affected: 15d9da3f818cae676f822a04407d3c17b53357d2 , < 3ebcd3460cad351f198c39c6edb4af519a0ed934 (git)

Linux

Affected: 6.11
Unaffected: 0 , < 6.11 (semver)
Unaffected: 6.12.52 , ≤ 6.12.* (semver)
Unaffected: 6.16.12 , ≤ 6.16.* (semver)
Unaffected: 6.17.2 , ≤ 6.17.* (semver)
Unaffected: 6.18 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/android/dbitmap.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c301ec61ce6f16e21a36b99225ca8a20c1591e10",
              "status": "affected",
              "version": "15d9da3f818cae676f822a04407d3c17b53357d2",
              "versionType": "git"
            },
            {
              "lessThan": "0390633979969c54c0ce6a198d6f45cdbe2c84b1",
              "status": "affected",
              "version": "15d9da3f818cae676f822a04407d3c17b53357d2",
              "versionType": "git"
            },
            {
              "lessThan": "b781e5635a3398e2b64440371233c2c5102cd6cb",
              "status": "affected",
              "version": "15d9da3f818cae676f822a04407d3c17b53357d2",
              "versionType": "git"
            },
            {
              "lessThan": "3ebcd3460cad351f198c39c6edb4af519a0ed934",
              "status": "affected",
              "version": "15d9da3f818cae676f822a04407d3c17b53357d2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/android/dbitmap.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.11"
            },
            {
              "lessThan": "6.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.52",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.16.*",
              "status": "unaffected",
              "version": "6.16.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.17.*",
              "status": "unaffected",
              "version": "6.17.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.52",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16.12",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17.2",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix double-free in dbitmap\n\nA process might fail to allocate a new bitmap when trying to expand its\nproc-\u003edmap. In that case, dbitmap_grow() fails and frees the old bitmap\nvia dbitmap_free(). However, the driver calls dbitmap_free() again when\nthe same process terminates, leading to a double-free error:\n\n  ==================================================================\n  BUG: KASAN: double-free in binder_proc_dec_tmpref+0x2e0/0x55c\n  Free of addr ffff00000b7c1420 by task kworker/9:1/209\n\n  CPU: 9 UID: 0 PID: 209 Comm: kworker/9:1 Not tainted 6.17.0-rc6-dirty #5 PREEMPT\n  Hardware name: linux,dummy-virt (DT)\n  Workqueue: events binder_deferred_func\n  Call trace:\n   kfree+0x164/0x31c\n   binder_proc_dec_tmpref+0x2e0/0x55c\n   binder_deferred_func+0xc24/0x1120\n   process_one_work+0x520/0xba4\n  [...]\n\n  Allocated by task 448:\n   __kmalloc_noprof+0x178/0x3c0\n   bitmap_zalloc+0x24/0x30\n   binder_open+0x14c/0xc10\n  [...]\n\n  Freed by task 449:\n   kfree+0x184/0x31c\n   binder_inc_ref_for_node+0xb44/0xe44\n   binder_transaction+0x29b4/0x7fbc\n   binder_thread_write+0x1708/0x442c\n   binder_ioctl+0x1b50/0x2900\n  [...]\n  ==================================================================\n\nFix this issue by marking proc-\u003emap NULL in dbitmap_free()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-01T06:16:30.652Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10"
        },
        {
          "url": "https://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934"
        }
      ],
      "title": "binder: fix double-free in dbitmap",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-40028",
    "datePublished": "2025-10-28T09:32:35.681Z",
    "dateReserved": "2025-04-16T07:20:57.152Z",
    "dateUpdated": "2025-12-01T06:16:30.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

FKIE_CVE-2025-40028

Vulnerability from fkie_nvd - Published: 2025-10-28 10:15 - Updated: 2025-10-30 15:05

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix double-free in dbitmap\n\nA process might fail to allocate a new bitmap when trying to expand its\nproc-\u003edmap. In that case, dbitmap_grow() fails and frees the old bitmap\nvia dbitmap_free(). However, the driver calls dbitmap_free() again when\nthe same process terminates, leading to a double-free error:\n\n  ==================================================================\n  BUG: KASAN: double-free in binder_proc_dec_tmpref+0x2e0/0x55c\n  Free of addr ffff00000b7c1420 by task kworker/9:1/209\n\n  CPU: 9 UID: 0 PID: 209 Comm: kworker/9:1 Not tainted 6.17.0-rc6-dirty #5 PREEMPT\n  Hardware name: linux,dummy-virt (DT)\n  Workqueue: events binder_deferred_func\n  Call trace:\n   kfree+0x164/0x31c\n   binder_proc_dec_tmpref+0x2e0/0x55c\n   binder_deferred_func+0xc24/0x1120\n   process_one_work+0x520/0xba4\n  [...]\n\n  Allocated by task 448:\n   __kmalloc_noprof+0x178/0x3c0\n   bitmap_zalloc+0x24/0x30\n   binder_open+0x14c/0xc10\n  [...]\n\n  Freed by task 449:\n   kfree+0x184/0x31c\n   binder_inc_ref_for_node+0xb44/0xe44\n   binder_transaction+0x29b4/0x7fbc\n   binder_thread_write+0x1708/0x442c\n   binder_ioctl+0x1b50/0x2900\n  [...]\n  ==================================================================\n\nFix this issue by marking proc-\u003emap NULL in dbitmap_free()."
    }
  ],
  "id": "CVE-2025-40028",
  "lastModified": "2025-10-30T15:05:32.197",
  "metrics": {},
  "published": "2025-10-28T10:15:42.447",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

GHSA-8VJM-FC8F-C7JH

Vulnerability from github – Published: 2025-10-28 12:30 – Updated: 2025-10-28 12:30

Details

In the Linux kernel, the following vulnerability has been resolved:

binder: fix double-free in dbitmap

A process might fail to allocate a new bitmap when trying to expand its proc->dmap. In that case, dbitmap_grow() fails and frees the old bitmap via dbitmap_free(). However, the driver calls dbitmap_free() again when the same process terminates, leading to a double-free error:

================================================================== BUG: KASAN: double-free in binder_proc_dec_tmpref+0x2e0/0x55c Free of addr ffff00000b7c1420 by task kworker/9:1/209

CPU: 9 UID: 0 PID: 209 Comm: kworker/9:1 Not tainted 6.17.0-rc6-dirty #5 PREEMPT Hardware name: linux,dummy-virt (DT) Workqueue: events binder_deferred_func Call trace: kfree+0x164/0x31c binder_proc_dec_tmpref+0x2e0/0x55c binder_deferred_func+0xc24/0x1120 process_one_work+0x520/0xba4 [...]

Allocated by task 448: __kmalloc_noprof+0x178/0x3c0 bitmap_zalloc+0x24/0x30 binder_open+0x14c/0xc10 [...]

Freed by task 449: kfree+0x184/0x31c binder_inc_ref_for_node+0xb44/0xe44 binder_transaction+0x29b4/0x7fbc binder_thread_write+0x1708/0x442c binder_ioctl+0x1b50/0x2900 [...] ==================================================================

Fix this issue by marking proc->map NULL in dbitmap_free().

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-40028"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-28T10:15:42Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinder: fix double-free in dbitmap\n\nA process might fail to allocate a new bitmap when trying to expand its\nproc-\u003edmap. In that case, dbitmap_grow() fails and frees the old bitmap\nvia dbitmap_free(). However, the driver calls dbitmap_free() again when\nthe same process terminates, leading to a double-free error:\n\n  ==================================================================\n  BUG: KASAN: double-free in binder_proc_dec_tmpref+0x2e0/0x55c\n  Free of addr ffff00000b7c1420 by task kworker/9:1/209\n\n  CPU: 9 UID: 0 PID: 209 Comm: kworker/9:1 Not tainted 6.17.0-rc6-dirty #5 PREEMPT\n  Hardware name: linux,dummy-virt (DT)\n  Workqueue: events binder_deferred_func\n  Call trace:\n   kfree+0x164/0x31c\n   binder_proc_dec_tmpref+0x2e0/0x55c\n   binder_deferred_func+0xc24/0x1120\n   process_one_work+0x520/0xba4\n  [...]\n\n  Allocated by task 448:\n   __kmalloc_noprof+0x178/0x3c0\n   bitmap_zalloc+0x24/0x30\n   binder_open+0x14c/0xc10\n  [...]\n\n  Freed by task 449:\n   kfree+0x184/0x31c\n   binder_inc_ref_for_node+0xb44/0xe44\n   binder_transaction+0x29b4/0x7fbc\n   binder_thread_write+0x1708/0x442c\n   binder_ioctl+0x1b50/0x2900\n  [...]\n  ==================================================================\n\nFix this issue by marking proc-\u003emap NULL in dbitmap_free().",
  "id": "GHSA-8vjm-fc8f-c7jh",
  "modified": "2025-10-28T12:30:14Z",
  "published": "2025-10-28T12:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40028"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2025-AVI-1106

Vulnerability from certfr_avis - Published: 2025-12-12 - Updated: 2025-12-12

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 20.04 ESM
Ubuntu	Ubuntu	Ubuntu 24.04 LTS
Ubuntu	Ubuntu	Ubuntu 25.04
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 25.10
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-7922-1	2025-12-10	vendor-advisory
Bulletin de sécurité Ubuntu USN-7920-1	2025-12-10	vendor-advisory
Bulletin de sécurité Ubuntu USN-7906-3	2025-12-11	vendor-advisory
Bulletin de sécurité Ubuntu USN-7928-1	2025-12-11	vendor-advisory
Bulletin de sécurité Ubuntu USN-7889-6	2025-12-11	vendor-advisory
Bulletin de sécurité Ubuntu USN-7922-2	2025-12-11	vendor-advisory
Bulletin de sécurité Ubuntu USN-7921-1	2025-12-10	vendor-advisory
Bulletin de sécurité Ubuntu USN-7928-2	2025-12-11	vendor-advisory
Bulletin de sécurité Ubuntu USN-7928-3	2025-12-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 20.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 25.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 25.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-40026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
    },
    {
      "name": "CVE-2025-21729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21729"
    },
    {
      "name": "CVE-2022-49390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
    },
    {
      "name": "CVE-2025-37958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
    },
    {
      "name": "CVE-2025-21855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
    },
    {
      "name": "CVE-2025-38666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38666"
    },
    {
      "name": "CVE-2025-40108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40108"
    },
    {
      "name": "CVE-2024-50196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50196"
    },
    {
      "name": "CVE-2025-40232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40232"
    },
    {
      "name": "CVE-2025-40027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
    },
    {
      "name": "CVE-2024-50095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50095"
    },
    {
      "name": "CVE-2025-38227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
    },
    {
      "name": "CVE-2025-40109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
    },
    {
      "name": "CVE-2025-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38616"
    },
    {
      "name": "CVE-2022-49026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49026"
    },
    {
      "name": "CVE-2025-38678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38678"
    },
    {
      "name": "CVE-2025-39964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39964"
    },
    {
      "name": "CVE-2025-39993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
    },
    {
      "name": "CVE-2025-40028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40028"
    },
    {
      "name": "CVE-2024-49935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49935"
    },
    {
      "name": "CVE-2025-40018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40018"
    },
    {
      "name": "CVE-2024-53218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53218"
    },
    {
      "name": "CVE-2024-53090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53090"
    },
    {
      "name": "CVE-2024-50067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50067"
    },
    {
      "name": "CVE-2025-40025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
    },
    {
      "name": "CVE-2025-39946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39946"
    },
    {
      "name": "CVE-2024-47691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47691"
    }
  ],
  "initial_release_date": "2025-12-12T00:00:00",
  "last_revision_date": "2025-12-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1106",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2025-12-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7922-1",
      "url": "https://ubuntu.com/security/notices/USN-7922-1"
    },
    {
      "published_at": "2025-12-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7920-1",
      "url": "https://ubuntu.com/security/notices/USN-7920-1"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7906-3",
      "url": "https://ubuntu.com/security/notices/USN-7906-3"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7928-1",
      "url": "https://ubuntu.com/security/notices/USN-7928-1"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7889-6",
      "url": "https://ubuntu.com/security/notices/USN-7889-6"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7922-2",
      "url": "https://ubuntu.com/security/notices/USN-7922-2"
    },
    {
      "published_at": "2025-12-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7921-1",
      "url": "https://ubuntu.com/security/notices/USN-7921-1"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7928-2",
      "url": "https://ubuntu.com/security/notices/USN-7928-2"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7928-3",
      "url": "https://ubuntu.com/security/notices/USN-7928-3"
    }
  ]
}

CERTFR-2025-AVI-1075

Vulnerability from certfr_avis - Published: 2025-12-05 - Updated: 2025-12-05

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 ESM
Ubuntu	Ubuntu	Ubuntu 24.04 LTS
Ubuntu	Ubuntu	Ubuntu 25.04
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 25.10
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-7907-2	2025-12-03	vendor-advisory
Bulletin de sécurité Ubuntu USN-7909-1	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7909-2	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7906-2	2025-12-05	vendor-advisory
Bulletin de sécurité Ubuntu USN-7907-4	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7874-3	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7889-5	2025-12-05	vendor-advisory
Bulletin de sécurité Ubuntu USN-7907-3	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7911-1	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7910-1	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7910-2	2025-12-05	vendor-advisory
Bulletin de sécurité Ubuntu USN-7906-1	2025-12-03	vendor-advisory
Bulletin de sécurité Ubuntu USN-7907-1	2025-12-03	vendor-advisory
Bulletin de sécurité Ubuntu USN-7889-4	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7909-4	2025-12-05	vendor-advisory
Bulletin de sécurité Ubuntu USN-7879-4	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7909-3	2025-12-04	vendor-advisory
Bulletin de sécurité Ubuntu USN-7861-5	2025-12-03	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 25.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 25.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-38347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38347"
    },
    {
      "name": "CVE-2025-38502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38502"
    },
    {
      "name": "CVE-2025-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38552"
    },
    {
      "name": "CVE-2025-38614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38614"
    },
    {
      "name": "CVE-2025-38676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38676"
    },
    {
      "name": "CVE-2025-38677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38677"
    },
    {
      "name": "CVE-2025-38680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38680"
    },
    {
      "name": "CVE-2025-38681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38681"
    },
    {
      "name": "CVE-2025-38683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38683"
    },
    {
      "name": "CVE-2025-38684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
    },
    {
      "name": "CVE-2025-38685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38685"
    },
    {
      "name": "CVE-2025-38687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38687"
    },
    {
      "name": "CVE-2025-38691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38691"
    },
    {
      "name": "CVE-2025-38693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38693"
    },
    {
      "name": "CVE-2025-38694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38694"
    },
    {
      "name": "CVE-2025-38695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38695"
    },
    {
      "name": "CVE-2025-38696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38696"
    },
    {
      "name": "CVE-2025-38697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38697"
    },
    {
      "name": "CVE-2025-38698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38698"
    },
    {
      "name": "CVE-2025-38699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38699"
    },
    {
      "name": "CVE-2025-38700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38700"
    },
    {
      "name": "CVE-2025-38701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38701"
    },
    {
      "name": "CVE-2025-38706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38706"
    },
    {
      "name": "CVE-2025-38707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38707"
    },
    {
      "name": "CVE-2025-38708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38708"
    },
    {
      "name": "CVE-2025-38711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38711"
    },
    {
      "name": "CVE-2025-38712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38712"
    },
    {
      "name": "CVE-2025-38713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38713"
    },
    {
      "name": "CVE-2025-38714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38714"
    },
    {
      "name": "CVE-2025-38715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38715"
    },
    {
      "name": "CVE-2025-38721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38721"
    },
    {
      "name": "CVE-2025-38724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
    },
    {
      "name": "CVE-2025-38725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38725"
    },
    {
      "name": "CVE-2025-38729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38729"
    },
    {
      "name": "CVE-2025-38732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38732"
    },
    {
      "name": "CVE-2025-39673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39673"
    },
    {
      "name": "CVE-2025-39675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39675"
    },
    {
      "name": "CVE-2025-39676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39676"
    },
    {
      "name": "CVE-2025-39681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39681"
    },
    {
      "name": "CVE-2025-39683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39683"
    },
    {
      "name": "CVE-2025-39684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39684"
    },
    {
      "name": "CVE-2025-39685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39685"
    },
    {
      "name": "CVE-2025-39686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39686"
    },
    {
      "name": "CVE-2025-39687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39687"
    },
    {
      "name": "CVE-2025-39689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39689"
    },
    {
      "name": "CVE-2025-39691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39691"
    },
    {
      "name": "CVE-2025-39693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39693"
    },
    {
      "name": "CVE-2025-39697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39697"
    },
    {
      "name": "CVE-2025-39702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39702"
    },
    {
      "name": "CVE-2025-39703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39703"
    },
    {
      "name": "CVE-2025-39709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39709"
    },
    {
      "name": "CVE-2025-39710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39710"
    },
    {
      "name": "CVE-2025-39713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39713"
    },
    {
      "name": "CVE-2025-39714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39714"
    },
    {
      "name": "CVE-2025-39724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39724"
    },
    {
      "name": "CVE-2025-39736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39736"
    },
    {
      "name": "CVE-2025-39737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39737"
    },
    {
      "name": "CVE-2025-39738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39738"
    },
    {
      "name": "CVE-2025-39742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39742"
    },
    {
      "name": "CVE-2025-39743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39743"
    },
    {
      "name": "CVE-2025-39749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39749"
    },
    {
      "name": "CVE-2025-39752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39752"
    },
    {
      "name": "CVE-2025-39756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39756"
    },
    {
      "name": "CVE-2025-39757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39757"
    },
    {
      "name": "CVE-2025-39760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
    },
    {
      "name": "CVE-2025-39766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39766"
    },
    {
      "name": "CVE-2025-39772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39772"
    },
    {
      "name": "CVE-2025-39773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39773"
    },
    {
      "name": "CVE-2025-39776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39776"
    },
    {
      "name": "CVE-2025-39782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39782"
    },
    {
      "name": "CVE-2025-39783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39783"
    },
    {
      "name": "CVE-2025-39787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39787"
    },
    {
      "name": "CVE-2025-39788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39788"
    },
    {
      "name": "CVE-2025-39790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39790"
    },
    {
      "name": "CVE-2025-39794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39794"
    },
    {
      "name": "CVE-2025-39795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39795"
    },
    {
      "name": "CVE-2025-39798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39798"
    },
    {
      "name": "CVE-2025-39801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39801"
    },
    {
      "name": "CVE-2025-39806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39806"
    },
    {
      "name": "CVE-2025-39808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39808"
    },
    {
      "name": "CVE-2025-39812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39812"
    },
    {
      "name": "CVE-2025-39813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39813"
    },
    {
      "name": "CVE-2025-39817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39817"
    },
    {
      "name": "CVE-2025-39823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39823"
    },
    {
      "name": "CVE-2025-39824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39824"
    },
    {
      "name": "CVE-2025-39828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39828"
    },
    {
      "name": "CVE-2025-39835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39835"
    },
    {
      "name": "CVE-2025-39839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39839"
    },
    {
      "name": "CVE-2025-39841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39841"
    },
    {
      "name": "CVE-2025-39844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39844"
    },
    {
      "name": "CVE-2025-39845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39845"
    },
    {
      "name": "CVE-2025-39846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39846"
    },
    {
      "name": "CVE-2025-39847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39847"
    },
    {
      "name": "CVE-2025-39848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39848"
    },
    {
      "name": "CVE-2025-39853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39853"
    },
    {
      "name": "CVE-2025-39860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39860"
    },
    {
      "name": "CVE-2025-39864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39864"
    },
    {
      "name": "CVE-2025-39865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39865"
    },
    {
      "name": "CVE-2025-39866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39866"
    },
    {
      "name": "CVE-2025-40300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
    },
    {
      "name": "CVE-2025-38514",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
    },
    {
      "name": "CVE-2025-38542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
    },
    {
      "name": "CVE-2025-38569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
    },
    {
      "name": "CVE-2025-38511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38511"
    },
    {
      "name": "CVE-2025-38521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38521"
    },
    {
      "name": "CVE-2025-38605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38605"
    },
    {
      "name": "CVE-2025-38668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38668"
    },
    {
      "name": "CVE-2025-38527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38527"
    },
    {
      "name": "CVE-2025-38718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
    },
    {
      "name": "CVE-2025-39730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39730"
    },
    {
      "name": "CVE-2021-47385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47385"
    },
    {
      "name": "CVE-2023-52854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52854"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2022-50327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50327"
    },
    {
      "name": "CVE-2024-36331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36331"
    },
    {
      "name": "CVE-2025-38501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38501"
    },
    {
      "name": "CVE-2025-38539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38539"
    },
    {
      "name": "CVE-2025-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38561"
    },
    {
      "name": "CVE-2025-38562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38562"
    },
    {
      "name": "CVE-2025-38574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38574"
    },
    {
      "name": "CVE-2025-38577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38577"
    },
    {
      "name": "CVE-2025-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38578"
    },
    {
      "name": "CVE-2025-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38579"
    },
    {
      "name": "CVE-2025-38622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38622"
    },
    {
      "name": "CVE-2025-38623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38623"
    },
    {
      "name": "CVE-2025-38639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38639"
    },
    {
      "name": "CVE-2025-38645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38645"
    },
    {
      "name": "CVE-2025-38652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38652"
    },
    {
      "name": "CVE-2025-38653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38653"
    },
    {
      "name": "CVE-2025-38664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38664"
    },
    {
      "name": "CVE-2025-38666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38666"
    },
    {
      "name": "CVE-2025-39731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39731"
    },
    {
      "name": "CVE-2025-39734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39734"
    },
    {
      "name": "CVE-2025-39891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39891"
    },
    {
      "name": "CVE-2025-39894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39894"
    },
    {
      "name": "CVE-2025-39902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39902"
    },
    {
      "name": "CVE-2025-39920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39920"
    },
    {
      "name": "CVE-2025-38526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38526"
    },
    {
      "name": "CVE-2025-38533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38533"
    },
    {
      "name": "CVE-2025-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38544"
    },
    {
      "name": "CVE-2025-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38584"
    },
    {
      "name": "CVE-2025-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38590"
    },
    {
      "name": "CVE-2025-38593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38593"
    },
    {
      "name": "CVE-2025-38595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38595"
    },
    {
      "name": "CVE-2025-38616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38616"
    },
    {
      "name": "CVE-2025-38628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38628"
    },
    {
      "name": "CVE-2025-38640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38640"
    },
    {
      "name": "CVE-2025-38643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38643"
    },
    {
      "name": "CVE-2025-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38659"
    },
    {
      "name": "CVE-2025-38660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38660"
    },
    {
      "name": "CVE-2025-38678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38678"
    },
    {
      "name": "CVE-2025-39726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39726"
    },
    {
      "name": "CVE-2025-39732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39732"
    },
    {
      "name": "CVE-2025-39964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39964"
    },
    {
      "name": "CVE-2025-40018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40018"
    },
    {
      "name": "CVE-2025-40025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
    },
    {
      "name": "CVE-2025-40026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
    },
    {
      "name": "CVE-2025-40027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
    },
    {
      "name": "CVE-2022-50070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50070"
    },
    {
      "name": "CVE-2025-39727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39727"
    },
    {
      "name": "CVE-2025-40109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
    },
    {
      "name": "CVE-2025-38492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38492"
    },
    {
      "name": "CVE-2025-38505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38505"
    },
    {
      "name": "CVE-2025-38507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38507"
    },
    {
      "name": "CVE-2025-38508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38508"
    },
    {
      "name": "CVE-2025-38509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38509"
    },
    {
      "name": "CVE-2025-38517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38517"
    },
    {
      "name": "CVE-2025-38525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38525"
    },
    {
      "name": "CVE-2025-38532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38532"
    },
    {
      "name": "CVE-2025-38534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38534"
    },
    {
      "name": "CVE-2025-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38545"
    },
    {
      "name": "CVE-2025-38547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38547"
    },
    {
      "name": "CVE-2025-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38549"
    },
    {
      "name": "CVE-2025-38551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38551"
    },
    {
      "name": "CVE-2025-38557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38557"
    },
    {
      "name": "CVE-2025-38558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38558"
    },
    {
      "name": "CVE-2025-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38559"
    },
    {
      "name": "CVE-2025-38567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38567"
    },
    {
      "name": "CVE-2025-38570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38570"
    },
    {
      "name": "CVE-2025-38573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38573"
    },
    {
      "name": "CVE-2025-38586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38586"
    },
    {
      "name": "CVE-2025-38589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38589"
    },
    {
      "name": "CVE-2025-38606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38606"
    },
    {
      "name": "CVE-2025-38615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38615"
    },
    {
      "name": "CVE-2025-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38619"
    },
    {
      "name": "CVE-2025-38625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38625"
    },
    {
      "name": "CVE-2025-38626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38626"
    },
    {
      "name": "CVE-2025-38629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38629"
    },
    {
      "name": "CVE-2025-38631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38631"
    },
    {
      "name": "CVE-2025-38642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38642"
    },
    {
      "name": "CVE-2025-38648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38648"
    },
    {
      "name": "CVE-2025-38649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38649"
    },
    {
      "name": "CVE-2025-38654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38654"
    },
    {
      "name": "CVE-2025-38655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38655"
    },
    {
      "name": "CVE-2025-38662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38662"
    },
    {
      "name": "CVE-2025-38675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38675"
    },
    {
      "name": "CVE-2025-39725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39725"
    },
    {
      "name": "CVE-2025-39809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39809"
    },
    {
      "name": "CVE-2025-39818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39818"
    },
    {
      "name": "CVE-2025-40157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40157"
    },
    {
      "name": "CVE-2025-40028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40028"
    },
    {
      "name": "CVE-2025-40108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40108"
    },
    {
      "name": "CVE-2022-49026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49026"
    },
    {
      "name": "CVE-2024-49935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49935"
    },
    {
      "name": "CVE-2024-49963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49963"
    },
    {
      "name": "CVE-2024-50061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50061"
    },
    {
      "name": "CVE-2024-50067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50067"
    },
    {
      "name": "CVE-2024-50095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50095"
    },
    {
      "name": "CVE-2024-50179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50179"
    },
    {
      "name": "CVE-2024-53068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53068"
    },
    {
      "name": "CVE-2024-53112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53112"
    },
    {
      "name": "CVE-2024-53090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53090"
    },
    {
      "name": "CVE-2024-53217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53217"
    },
    {
      "name": "CVE-2024-56596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56596"
    },
    {
      "name": "CVE-2024-56664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
    },
    {
      "name": "CVE-2025-21715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
    },
    {
      "name": "CVE-2024-58083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
    },
    {
      "name": "CVE-2025-21722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
    },
    {
      "name": "CVE-2025-21727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
    },
    {
      "name": "CVE-2025-21761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
    },
    {
      "name": "CVE-2025-21791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
    },
    {
      "name": "CVE-2025-21811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
    },
    {
      "name": "CVE-2022-49390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
    },
    {
      "name": "CVE-2023-52935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52935"
    },
    {
      "name": "CVE-2023-52975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52975"
    },
    {
      "name": "CVE-2025-21855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
    },
    {
      "name": "CVE-2025-37838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
    },
    {
      "name": "CVE-2025-21729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21729"
    },
    {
      "name": "CVE-2025-37958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
    },
    {
      "name": "CVE-2023-53074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53074"
    },
    {
      "name": "CVE-2025-37925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37925"
    },
    {
      "name": "CVE-2025-37968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37968"
    },
    {
      "name": "CVE-2025-38095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38095"
    },
    {
      "name": "CVE-2025-38118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38118"
    },
    {
      "name": "CVE-2025-38148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38148"
    },
    {
      "name": "CVE-2025-38165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38165"
    },
    {
      "name": "CVE-2025-38227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
    },
    {
      "name": "CVE-2025-38335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38335"
    },
    {
      "name": "CVE-2025-38349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38349"
    },
    {
      "name": "CVE-2025-38351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38351"
    },
    {
      "name": "CVE-2025-38352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
    },
    {
      "name": "CVE-2025-38437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38437"
    },
    {
      "name": "CVE-2025-38438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38438"
    },
    {
      "name": "CVE-2025-38439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
    },
    {
      "name": "CVE-2025-38440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38440"
    },
    {
      "name": "CVE-2025-38441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
    },
    {
      "name": "CVE-2025-38443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
    },
    {
      "name": "CVE-2025-38444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
    },
    {
      "name": "CVE-2025-38445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
    },
    {
      "name": "CVE-2025-38446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38446"
    },
    {
      "name": "CVE-2025-38448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
    },
    {
      "name": "CVE-2025-38449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38449"
    },
    {
      "name": "CVE-2025-38450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38450"
    },
    {
      "name": "CVE-2025-38451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38451"
    },
    {
      "name": "CVE-2025-38452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38452"
    },
    {
      "name": "CVE-2025-38454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38454"
    },
    {
      "name": "CVE-2025-38455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38455"
    },
    {
      "name": "CVE-2025-38456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38456"
    },
    {
      "name": "CVE-2025-38457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
    },
    {
      "name": "CVE-2025-38458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
    },
    {
      "name": "CVE-2025-38459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
    },
    {
      "name": "CVE-2025-38460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
    },
    {
      "name": "CVE-2025-38461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
    },
    {
      "name": "CVE-2025-38462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
    },
    {
      "name": "CVE-2025-38463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38463"
    },
    {
      "name": "CVE-2025-38464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
    },
    {
      "name": "CVE-2025-38465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
    },
    {
      "name": "CVE-2025-38466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
    },
    {
      "name": "CVE-2025-38467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
    },
    {
      "name": "CVE-2025-38468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38468"
    },
    {
      "name": "CVE-2025-38469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38469"
    },
    {
      "name": "CVE-2025-38470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38470"
    },
    {
      "name": "CVE-2025-38471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38471"
    },
    {
      "name": "CVE-2025-38472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
    },
    {
      "name": "CVE-2025-38473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38473"
    },
    {
      "name": "CVE-2025-38474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38474"
    },
    {
      "name": "CVE-2025-38475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38475"
    },
    {
      "name": "CVE-2025-38476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38476"
    },
    {
      "name": "CVE-2025-38478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38478"
    },
    {
      "name": "CVE-2025-38480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38480"
    },
    {
      "name": "CVE-2025-38481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38481"
    },
    {
      "name": "CVE-2025-38482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38482"
    },
    {
      "name": "CVE-2025-38483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38483"
    },
    {
      "name": "CVE-2025-38484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38484"
    },
    {
      "name": "CVE-2025-38485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38485"
    },
    {
      "name": "CVE-2025-38487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38487"
    },
    {
      "name": "CVE-2025-38488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38488"
    },
    {
      "name": "CVE-2025-38489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38489"
    },
    {
      "name": "CVE-2025-38490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
    },
    {
      "name": "CVE-2025-38491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
    },
    {
      "name": "CVE-2025-38493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38493"
    },
    {
      "name": "CVE-2025-38494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38494"
    },
    {
      "name": "CVE-2025-38495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38495"
    },
    {
      "name": "CVE-2025-38496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38496"
    },
    {
      "name": "CVE-2025-38497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38497"
    },
    {
      "name": "CVE-2025-38499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
    },
    {
      "name": "CVE-2025-38453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38453"
    },
    {
      "name": "CVE-2025-38503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38503"
    },
    {
      "name": "CVE-2025-38506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38506"
    },
    {
      "name": "CVE-2025-38510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38510"
    },
    {
      "name": "CVE-2025-38512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38512"
    },
    {
      "name": "CVE-2025-38513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
    },
    {
      "name": "CVE-2025-38515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
    },
    {
      "name": "CVE-2025-38516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
    },
    {
      "name": "CVE-2025-38520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38520"
    },
    {
      "name": "CVE-2025-38524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38524"
    },
    {
      "name": "CVE-2025-38528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38528"
    },
    {
      "name": "CVE-2025-38529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38529"
    },
    {
      "name": "CVE-2025-38530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38530"
    },
    {
      "name": "CVE-2025-38531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38531"
    },
    {
      "name": "CVE-2025-38535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38535"
    },
    {
      "name": "CVE-2025-38537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38537"
    },
    {
      "name": "CVE-2025-38538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38538"
    },
    {
      "name": "CVE-2025-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
    },
    {
      "name": "CVE-2025-38543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38543"
    },
    {
      "name": "CVE-2025-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
    },
    {
      "name": "CVE-2025-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38548"
    },
    {
      "name": "CVE-2025-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38550"
    },
    {
      "name": "CVE-2025-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38553"
    },
    {
      "name": "CVE-2025-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38555"
    },
    {
      "name": "CVE-2025-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38560"
    },
    {
      "name": "CVE-2025-38563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
    },
    {
      "name": "CVE-2025-38565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
    },
    {
      "name": "CVE-2025-38566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38566"
    },
    {
      "name": "CVE-2025-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38568"
    },
    {
      "name": "CVE-2025-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38571"
    },
    {
      "name": "CVE-2025-38572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38572"
    },
    {
      "name": "CVE-2025-38576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38576"
    },
    {
      "name": "CVE-2025-38581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38581"
    },
    {
      "name": "CVE-2025-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38582"
    },
    {
      "name": "CVE-2025-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38583"
    },
    {
      "name": "CVE-2025-38585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38585"
    },
    {
      "name": "CVE-2025-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38587"
    },
    {
      "name": "CVE-2025-38588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38588"
    },
    {
      "name": "CVE-2025-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38601"
    },
    {
      "name": "CVE-2025-38602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
    },
    {
      "name": "CVE-2025-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38604"
    },
    {
      "name": "CVE-2025-38608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38608"
    },
    {
      "name": "CVE-2025-38609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38609"
    },
    {
      "name": "CVE-2025-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38610"
    },
    {
      "name": "CVE-2025-38612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38612"
    },
    {
      "name": "CVE-2025-38624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38624"
    },
    {
      "name": "CVE-2025-38630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38630"
    },
    {
      "name": "CVE-2025-38632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38632"
    },
    {
      "name": "CVE-2025-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38634"
    },
    {
      "name": "CVE-2025-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38635"
    },
    {
      "name": "CVE-2025-38644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
    },
    {
      "name": "CVE-2025-38646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38646"
    },
    {
      "name": "CVE-2025-38650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38650"
    },
    {
      "name": "CVE-2025-38663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38663"
    },
    {
      "name": "CVE-2025-38665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38665"
    },
    {
      "name": "CVE-2025-38670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
    },
    {
      "name": "CVE-2025-38671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38671"
    },
    {
      "name": "CVE-2025-38556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
    }
  ],
  "initial_release_date": "2025-12-05T00:00:00",
  "last_revision_date": "2025-12-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1075",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2025-12-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7907-2",
      "url": "https://ubuntu.com/security/notices/USN-7907-2"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7909-1",
      "url": "https://ubuntu.com/security/notices/USN-7909-1"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7909-2",
      "url": "https://ubuntu.com/security/notices/USN-7909-2"
    },
    {
      "published_at": "2025-12-05",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7906-2",
      "url": "https://ubuntu.com/security/notices/USN-7906-2"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7907-4",
      "url": "https://ubuntu.com/security/notices/USN-7907-4"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7874-3",
      "url": "https://ubuntu.com/security/notices/USN-7874-3"
    },
    {
      "published_at": "2025-12-05",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7889-5",
      "url": "https://ubuntu.com/security/notices/USN-7889-5"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7907-3",
      "url": "https://ubuntu.com/security/notices/USN-7907-3"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7911-1",
      "url": "https://ubuntu.com/security/notices/USN-7911-1"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7910-1",
      "url": "https://ubuntu.com/security/notices/USN-7910-1"
    },
    {
      "published_at": "2025-12-05",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7910-2",
      "url": "https://ubuntu.com/security/notices/USN-7910-2"
    },
    {
      "published_at": "2025-12-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7906-1",
      "url": "https://ubuntu.com/security/notices/USN-7906-1"
    },
    {
      "published_at": "2025-12-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7907-1",
      "url": "https://ubuntu.com/security/notices/USN-7907-1"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7889-4",
      "url": "https://ubuntu.com/security/notices/USN-7889-4"
    },
    {
      "published_at": "2025-12-05",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7909-4",
      "url": "https://ubuntu.com/security/notices/USN-7909-4"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7879-4",
      "url": "https://ubuntu.com/security/notices/USN-7879-4"
    },
    {
      "published_at": "2025-12-04",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7909-3",
      "url": "https://ubuntu.com/security/notices/USN-7909-3"
    },
    {
      "published_at": "2025-12-03",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7861-5",
      "url": "https://ubuntu.com/security/notices/USN-7861-5"
    }
  ]
}

CVE-2025-40028

Vulnerability from fstec - Published: 15.09.2025

Title

Уязвимость функции dbitmap_free() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции dbitmap_free() ядра операционной системы Linux связана с повторным освобождением памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения

Software Name

Debian GNU/Linux, Linux

Software Version

13 (Debian GNU/Linux), до 6.18 rc1 (Linux), от 6.16 до 6.16.12 (Linux), от 6.17 до 6.17.2 (Linux), от 6.11 до 6.12.52 (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2025102841-CVE-2025-40028-f52b@gregkh/ https://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1 https://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934 https://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb https://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2025-40028

Reference

https://lore.kernel.org/linux-cve-announce/2025102841-CVE-2025-40028-f52b@gregkh/ https://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1 https://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934 https://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb https://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10 https://security-tracker.debian.org/tracker/CVE-2025-40028

CWE

CWE-415

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "13 (Debian GNU/Linux), \u0434\u043e 6.18 rc1 (Linux), \u043e\u0442 6.16 \u0434\u043e 6.16.12 (Linux), \u043e\u0442 6.17 \u0434\u043e 6.17.2 (Linux), \u043e\u0442 6.11 \u0434\u043e 6.12.52 (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2025102841-CVE-2025-40028-f52b@gregkh/\nhttps://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1\t\nhttps://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934\t\nhttps://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb\t\nhttps://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2025-40028",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.09.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.11.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.11.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-13784",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-40028",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 13 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u0434\u043e 6.18 rc1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.16 \u0434\u043e 6.16.12 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.17 \u0434\u043e 6.17.2 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.11 \u0434\u043e 6.12.52 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 dbitmap_free() \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 (CWE-415)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 dbitmap_free() \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://lore.kernel.org/linux-cve-announce/2025102841-CVE-2025-40028-f52b@gregkh/\nhttps://git.kernel.org/stable/c/0390633979969c54c0ce6a198d6f45cdbe2c84b1\t\nhttps://git.kernel.org/stable/c/3ebcd3460cad351f198c39c6edb4af519a0ed934\t\nhttps://git.kernel.org/stable/c/b781e5635a3398e2b64440371233c2c5102cd6cb\t\nhttps://git.kernel.org/stable/c/c301ec61ce6f16e21a36b99225ca8a20c1591e10\nhttps://security-tracker.debian.org/tracker/CVE-2025-40028",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-415",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-40028 (GCVE-0-2025-40028)

FKIE_CVE-2025-40028

GHSA-8VJM-FC8F-C7JH

CERTFR-2025-AVI-1106

Solutions

CERTFR-2025-AVI-1075

Solutions

CVE-2025-40028

Tags

Sightings

Nomenclature