cvelistv5 - cve-2023-53138

CVE-2023-53138 (GCVE-0-2023-53138)

Vulnerability from cvelistv5

Published

2025-05-02 15:56

Modified

2025-05-04 07:50

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbl_device_notify() syzbot reported use-after-free in cfusbl_device_notify() [1]. This causes a stack trace like below: BUG: KASAN: use-after-free in cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 Read of size 8 at addr ffff88807ac4e6f0 by task kworker/u4:6/1214 CPU: 0 PID: 1214 Comm: kworker/u4:6 Not tainted 5.19.0-rc3-syzkaller-00146-g92f20ff72066 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: netns cleanup_net Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0xeb/0x467 mm/kasan/report.c:313 print_report mm/kasan/report.c:429 [inline] kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491 cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 notifier_call_chain+0xb5/0x200 kernel/notifier.c:87 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1945 call_netdevice_notifiers_extack net/core/dev.c:1983 [inline] call_netdevice_notifiers net/core/dev.c:1997 [inline] netdev_wait_allrefs_any net/core/dev.c:10227 [inline] netdev_run_todo+0xbc0/0x10f0 net/core/dev.c:10341 default_device_exit_batch+0x44e/0x590 net/core/dev.c:11334 ops_exit_list+0x125/0x170 net/core/net_namespace.c:167 cleanup_net+0x4ea/0xb00 net/core/net_namespace.c:594 process_one_work+0x996/0x1610 kernel/workqueue.c:2289 worker_thread+0x665/0x1080 kernel/workqueue.c:2436 kthread+0x2e9/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302 </TASK> When unregistering a net device, unregister_netdevice_many_notify() sets the device's reg_state to NETREG_UNREGISTERING, calls notifiers with NETDEV_UNREGISTER, and adds the device to the todo list. Later on, devices in the todo list are processed by netdev_run_todo(). netdev_run_todo() waits devices' reference count become 1 while rebdoadcasting NETDEV_UNREGISTER notification. When cfusbl_device_notify() is called with NETDEV_UNREGISTER multiple times, the parent device might be freed. This could cause UAF. Processing NETDEV_UNREGISTER multiple times also causes inbalance of reference count for the module. This patch fixes the issue by accepting only first NETDEV_UNREGISTER notification.

References

URL

wid-sec-w-2025-0932

Vulnerability from csaf_certbund

Published

2025-05-04 22:00

Modified

2025-09-09 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff oder einen unspezifischen Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux - UNIX

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff  oder einen unspezifischen Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0932 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0932.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0932 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0932"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53109",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050227-CVE-2023-53109-1fbd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53111",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050227-CVE-2023-53111-2257@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53112",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050228-CVE-2023-53112-f86a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53113",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050228-CVE-2023-53113-a3ff@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53114",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050228-CVE-2023-53114-39ab@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53115",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050229-CVE-2023-53115-0a1f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53116",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050229-CVE-2023-53116-469c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53117",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050229-CVE-2023-53117-09c9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53118",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050230-CVE-2023-53118-8472@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53129",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050234-CVE-2023-53129-038a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53130",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050234-CVE-2023-53130-015e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53131",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050234-CVE-2023-53131-b288@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53132",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050235-CVE-2023-53132-2281@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53133",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050235-CVE-2023-53133-89c0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53134",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050235-CVE-2023-53134-68c9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53135",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050236-CVE-2023-53135-3c65@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53136",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050236-CVE-2023-53136-74ee@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53137",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050237-CVE-2023-53137-f8bc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53138",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050237-CVE-2023-53138-0ff0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53139",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050237-CVE-2023-53139-6557@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53140",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050238-CVE-2023-53140-a5f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53141",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050238-CVE-2023-53141-e701@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53142",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050238-CVE-2023-53142-4d74@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53143",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050239-CVE-2023-53143-7a2c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53144",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050239-CVE-2023-53144-2ad8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-37797",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050210-CVE-2025-37797-2aab@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-37798",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050212-CVE-2025-37798-1d06@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-37799",
        "url": "https://lore.kernel.org/linux-cve-announce/2025050358-CVE-2025-37799-a1aa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4178 vom 2025-05-26",
        "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01707-1 vom 2025-05-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020902.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4193 vom 2025-05-30",
        "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20343-1 vom 2025-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020965.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20344-1 vom 2025-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020964.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20355-1 vom 2025-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021015.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20354-1 vom 2025-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021016.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01919-1 vom 2025-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01918-1 vom 2025-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021478.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01951-1 vom 2025-06-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021509.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01967-1 vom 2025-06-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01965-1 vom 2025-06-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021535.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01966-1 vom 2025-06-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021534.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01964-1 vom 2025-06-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021531.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01972-1 vom 2025-06-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021537.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01983-1 vom 2025-06-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021538.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20413-1 vom 2025-06-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021547.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20408-1 vom 2025-06-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021550.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02000-1 vom 2025-06-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021568.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20421-1 vom 2025-06-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021590.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20419-1 vom 2025-06-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021591.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2025-076 vom 2025-06-24",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2025-076.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-2892 vom 2025-06-24",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2892.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7594-1 vom 2025-06-24",
        "url": "https://ubuntu.com/security/notices/USN-7594-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7594-2 vom 2025-06-26",
        "url": "https://ubuntu.com/security/notices/USN-7594-2"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-102 vom 2025-06-30",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-102.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02173-1 vom 2025-06-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021714.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2892 vom 2025-06-30",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2892.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7607-2 vom 2025-07-02",
        "url": "https://ubuntu.com/security/notices/USN-7607-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7608-3 vom 2025-07-02",
        "url": "https://ubuntu.com/security/notices/USN-7608-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7609-2 vom 2025-07-02",
        "url": "https://ubuntu.com/security/notices/USN-7609-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7608-2 vom 2025-07-02",
        "url": "https://ubuntu.com/security/notices/USN-7608-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7607-1 vom 2025-07-01",
        "url": "https://ubuntu.com/security/notices/USN-7607-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7609-1 vom 2025-07-02",
        "url": "https://ubuntu.com/security/notices/USN-7609-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7610-1 vom 2025-07-02",
        "url": "https://ubuntu.com/security/notices/USN-7610-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7608-1 vom 2025-07-01",
        "url": "https://ubuntu.com/security/notices/USN-7608-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7608-4 vom 2025-07-03",
        "url": "https://ubuntu.com/security/notices/USN-7608-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7609-3 vom 2025-07-04",
        "url": "https://ubuntu.com/security/notices/USN-7609-3"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:10371 vom 2025-07-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:10371"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:10379 vom 2025-07-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:10379"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-10371 vom 2025-07-08",
        "url": "https://linux.oracle.com/errata/ELSA-2025-10371.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7607-3 vom 2025-07-09",
        "url": "https://ubuntu.com/security/notices/USN-7607-3"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-10379 vom 2025-07-08",
        "url": "https://linux.oracle.com/errata/ELSA-2025-10379.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:10674 vom 2025-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2025:10674"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7628-1 vom 2025-07-09",
        "url": "https://ubuntu.com/security/notices/USN-7628-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7627-2 vom 2025-07-09",
        "url": "https://ubuntu.com/security/notices/USN-7627-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7627-1 vom 2025-07-08",
        "url": "https://ubuntu.com/security/notices/USN-7627-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7610-2 vom 2025-07-09",
        "url": "https://ubuntu.com/security/notices/USN-7610-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7609-4 vom 2025-07-09",
        "url": "https://ubuntu.com/security/notices/USN-7609-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7608-5 vom 2025-07-09",
        "url": "https://ubuntu.com/security/notices/USN-7608-5"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02254-1 vom 2025-07-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021770.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7594-3 vom 2025-07-09",
        "url": "https://ubuntu.com/security/notices/USN-7594-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02262-1 vom 2025-07-10",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B53IHD74IRNJDAOHBW4L7JGWNOM26XE7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02264-1 vom 2025-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021785.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-242 vom 2025-07-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-242.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-245 vom 2025-07-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-245.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-079 vom 2025-07-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-079.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2929 vom 2025-07-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2929.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2909 vom 2025-07-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2909.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-244 vom 2025-07-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-244.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2LIVEPATCH-2025-243 vom 2025-07-10",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2LIVEPATCH-2025-243.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7608-6 vom 2025-07-11",
        "url": "https://ubuntu.com/security/notices/USN-7608-6"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02307-1 vom 2025-07-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021804.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02308-1 vom 2025-07-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021805.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7610-3 vom 2025-07-15",
        "url": "https://ubuntu.com/security/notices/USN-7610-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02320-1 vom 2025-07-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021812.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02322-1 vom 2025-07-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021810.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02321-1 vom 2025-07-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021811.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-20470 vom 2025-07-16",
        "url": "https://linux.oracle.com/errata/ELSA-2025-20470.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02334-1 vom 2025-07-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021829.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-20471 vom 2025-07-16",
        "url": "https://linux.oracle.com/errata/ELSA-2025-20471.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02333-1 vom 2025-07-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021830.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7653-1 vom 2025-07-17",
        "url": "https://ubuntu.com/security/notices/USN-7653-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7609-5 vom 2025-07-17",
        "url": "https://ubuntu.com/security/notices/USN-7609-5"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-1 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7654-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-3 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7654-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-2 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7654-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7655-1 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7655-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-4 vom 2025-07-22",
        "url": "https://ubuntu.com/security/notices/USN-7654-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7671-1 vom 2025-07-25",
        "url": "https://ubuntu.com/security/notices/USN-7671-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:11861 vom 2025-07-28",
        "url": "https://access.redhat.com/errata/RHSA-2025:11861"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:11855 vom 2025-07-28",
        "url": "https://access.redhat.com/errata/RHSA-2025:11855"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02537-1 vom 2025-07-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021978.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-11861 vom 2025-07-30",
        "url": "https://linux.oracle.com/errata/ELSA-2025-11861.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-5 vom 2025-07-29",
        "url": "https://ubuntu.com/security/notices/USN-7654-5"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7671-2 vom 2025-07-29",
        "url": "https://ubuntu.com/security/notices/USN-7671-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7682-1 vom 2025-07-30",
        "url": "https://ubuntu.com/security/notices/USN-7682-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7608-7 vom 2025-07-30",
        "url": "https://ubuntu.com/security/notices/USN-7608-7"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-11855 vom 2025-07-30",
        "url": "https://linux.oracle.com/errata/ELSA-2025-11855.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7682-3 vom 2025-07-31",
        "url": "https://ubuntu.com/security/notices/USN-7682-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7682-4 vom 2025-08-01",
        "url": "https://ubuntu.com/security/notices/USN-7682-4"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02611-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CAY42JX32A3BASFZGJE6DQP2CXN2LUAW/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02602-1 vom 2025-08-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022047.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02604-1 vom 2025-08-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022046.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02606-1 vom 2025-08-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022045.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02588-1 vom 2025-08-01",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VQYPF6FAXKWBHQ4POBUPZVPW4L73XJR5/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02607-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MOXFW6IMLHSFMN655UONMR2V76DWL7LG/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02601-1 vom 2025-08-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022048.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02610-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRIUGMNHYH2DWCCLRZ5NFTLFBXQCRTE6/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02608-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SMY25R62WPNQL2TYEAZTDCWAVFYQUQ2E/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02619-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TWVUGRLCXJQB55343B5DGQRVGA6GMIQ6/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02618-1 vom 2025-08-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022014.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-086 vom 2025-08-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-086.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2955 vom 2025-08-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2955.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-100 vom 2025-08-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-100.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02673-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VPKQ4BU54XGSANMAROPDJAEFKO2OEKKP/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02632-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/A6QW6TXS545RIQWDHD4QUITTGGA4K6MY/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02627-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4HNZG2UKJBSDT23RIH4WSPIP5XJJH7AQ/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7685-3 vom 2025-08-05",
        "url": "https://ubuntu.com/security/notices/USN-7685-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02637-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ON23RSVRQYIYWSN7KWZHAT23BQ2YH6EK/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02636-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CZW4BWHO76REHV7LNO6WHLF4JRL7WMEJ/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7685-1 vom 2025-08-05",
        "url": "https://ubuntu.com/security/notices/USN-7685-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02676-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NBQGO5F7GAWGWOOC2BA5DLBISXIOXMMS/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02648-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IKXBRO2HUJQNRZTJLJHZC32ZUUQLD7RS/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02647-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LHOHSHBEJMHDNQVQMNHA7MC22TR34HJY/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02638-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GT3EVLQ3E46O7RVXSFVUBEM6JEJUWQI4/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7671-3 vom 2025-08-04",
        "url": "https://ubuntu.com/security/notices/USN-7671-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02671-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2UYKOPOTPXFPAHZK3XT64P5TUTPP2DDO/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02687-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6VW2HW4WHUKAUC34CIESGAAISQVOIIZS/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7685-1 vom 2025-08-05",
        "url": "https://ubuntu.com/security/notices/USN-7685-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02652-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CPV72PULRBVAYNVLOGDPAXEYAOLJPHYQ/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02693-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q562SYU3GEAQLUF7RIJSZKOPWTHBMXYI/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02691-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HQYM2FGJQXM5CJJ3L6LDY723WGAYBFPL/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02689-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/U2TRD6KWXEAIWY33DHM2QPZCBKLAECTA/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7685-4 vom 2025-08-05",
        "url": "https://ubuntu.com/security/notices/USN-7685-4"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02688-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5NCR2KWOE2L5E5ZMBPLRQ3ZRAPKHOJX5/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7686-1 vom 2025-08-05",
        "url": "https://ubuntu.com/security/notices/USN-7686-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02710-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EF7HBZKJ7TRGPEOKPY66PCZKIYFKRU56/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02707-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EXO3ZDMTCCPF5B4XOQY7TAQ5JY4T2NWP/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02697-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4DC3XA5ITEIHVOJ5XXILV3NMSJPM3PS2/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02708-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OIV3PQR5UOAFXL7SARDQRG7OSG5GJOE7/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02704-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PAJM6DY43HWTMYM763Y57Q6KWBGTAHOM/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02698-1 vom 2025-08-05",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TM2FOPKL26WFLLS5YFPKON7STKP3HL4I/"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-101 vom 2025-08-09",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-101.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-087 vom 2025-08-09",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-087.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13633 vom 2025-08-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:13633"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7682-5 vom 2025-08-12",
        "url": "https://ubuntu.com/security/notices/USN-7682-5"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7685-5 vom 2025-08-13",
        "url": "https://ubuntu.com/security/notices/USN-7685-5"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13781 vom 2025-08-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:13781"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13946 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:13946"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02851-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022202.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14054 vom 2025-08-19",
        "url": "https://access.redhat.com/errata/RHSA-2025:14054"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02853-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022200.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02858-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022197.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02844-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022194.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02848-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022193.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02846-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022192.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02849-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022204.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02850-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022203.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02852-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022201.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14094 vom 2025-08-19",
        "url": "https://access.redhat.com/errata/RHSA-2025:14094"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7701-1 vom 2025-08-19",
        "url": "https://ubuntu.com/security/notices/USN-7701-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7682-6 vom 2025-08-20",
        "url": "https://ubuntu.com/security/notices/USN-7682-6"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7701-2 vom 2025-08-20",
        "url": "https://ubuntu.com/security/notices/USN-7701-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02923-1 vom 2025-08-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022237.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7701-3 vom 2025-08-21",
        "url": "https://ubuntu.com/security/notices/USN-7701-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02942-1 vom 2025-08-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022247.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7711-1 vom 2025-08-22",
        "url": "https://ubuntu.com/security/notices/USN-7711-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7712-1 vom 2025-08-22",
        "url": "https://ubuntu.com/security/notices/USN-7712-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02969-1 vom 2025-08-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022259.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7719-1 vom 2025-08-26",
        "url": "https://ubuntu.com/security/notices/USN-7719-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02997-1 vom 2025-08-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022283.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02996-1 vom 2025-08-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022291.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20584-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022297.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20576-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022305.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20586-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022295.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20583-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022298.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20579-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022302.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20582-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022299.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20574-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022307.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20569-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022312.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20578-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022303.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20581-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022300.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20570-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022311.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20575-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022306.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20573-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022308.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20577-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022304.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20572-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022309.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20568-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022313.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20580-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022301.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03011-1 vom 2025-08-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022327.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20601-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022363.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03023-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022329.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20625-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022347.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20623-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022349.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20624-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022348.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20622-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022350.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20621-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022351.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20612-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022358.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20620-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022352.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20616-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022354.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20615-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022355.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20614-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022356.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20613-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022357.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20611-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022359.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20610-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022360.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20602-1 vom 2025-08-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022362.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7712-2 vom 2025-09-02",
        "url": "https://ubuntu.com/security/notices/USN-7712-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7737-1 vom 2025-09-03",
        "url": "https://ubuntu.com/security/notices/USN-7737-1"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-15011 vom 2025-09-03",
        "url": "https://linux.oracle.com/errata/ELSA-2025-15011.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-20553 vom 2025-09-10",
        "url": "https://linux.oracle.com/errata/ELSA-2025-20553.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-09-09T22:00:00.000+00:00",
      "generator": {
        "date": "2025-09-10T05:06:17.337+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-0932",
      "initial_release_date": "2025-05-04T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-05-04T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-05-26T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian und SUSE aufgenommen"
        },
        {
          "date": "2025-05-29T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Debian und SUSE aufgenommen"
        },
        {
          "date": "2025-06-02T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-11T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-15T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-16T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-17T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-19T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-23T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-06-24T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Amazon und Ubuntu aufgenommen"
        },
        {
          "date": "2025-06-26T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-06-30T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Amazon und SUSE aufgenommen"
        },
        {
          "date": "2025-07-01T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-03T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-06T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-07T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-07-08T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Ubuntu, Oracle Linux, Red Hat und SUSE aufgenommen"
        },
        {
          "date": "2025-07-09T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-07-10T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von SUSE und Amazon aufgenommen"
        },
        {
          "date": "2025-07-13T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-14T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-15T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-07-16T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-07-17T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-21T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-27T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-28T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-07-29T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Oracle Linux und Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-30T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-07-31T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-03T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-04T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-08-05T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
        },
        {
          "date": "2025-08-10T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-08-11T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-17T22:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-08-18T22:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von SUSE und Red Hat aufgenommen"
        },
        {
          "date": "2025-08-19T22:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-20T22:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-21T22:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-24T22:00:00.000+00:00",
          "number": "43",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-26T22:00:00.000+00:00",
          "number": "44",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-27T22:00:00.000+00:00",
          "number": "45",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-28T22:00:00.000+00:00",
          "number": "46",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-31T22:00:00.000+00:00",
          "number": "47",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-02T22:00:00.000+00:00",
          "number": "48",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-09-03T22:00:00.000+00:00",
          "number": "49",
          "summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-09-09T22:00:00.000+00:00",
          "number": "50",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        }
      ],
      "status": "final",
      "version": "50"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T043337",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-53109",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53109"
    },
    {
      "cve": "CVE-2023-53111",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53111"
    },
    {
      "cve": "CVE-2023-53112",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53112"
    },
    {
      "cve": "CVE-2023-53113",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53113"
    },
    {
      "cve": "CVE-2023-53114",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53114"
    },
    {
      "cve": "CVE-2023-53115",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53115"
    },
    {
      "cve": "CVE-2023-53116",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53116"
    },
    {
      "cve": "CVE-2023-53117",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53117"
    },
    {
      "cve": "CVE-2023-53118",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53118"
    },
    {
      "cve": "CVE-2023-53126",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53126"
    },
    {
      "cve": "CVE-2023-53129",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53129"
    },
    {
      "cve": "CVE-2023-53130",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53130"
    },
    {
      "cve": "CVE-2023-53131",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53131"
    },
    {
      "cve": "CVE-2023-53132",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53132"
    },
    {
      "cve": "CVE-2023-53133",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53133"
    },
    {
      "cve": "CVE-2023-53134",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53134"
    },
    {
      "cve": "CVE-2023-53135",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53135"
    },
    {
      "cve": "CVE-2023-53136",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53136"
    },
    {
      "cve": "CVE-2023-53137",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53137"
    },
    {
      "cve": "CVE-2023-53138",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53138"
    },
    {
      "cve": "CVE-2023-53139",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53139"
    },
    {
      "cve": "CVE-2023-53140",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53140"
    },
    {
      "cve": "CVE-2023-53141",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53141"
    },
    {
      "cve": "CVE-2023-53142",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53142"
    },
    {
      "cve": "CVE-2023-53143",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53143"
    },
    {
      "cve": "CVE-2023-53144",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2023-53144"
    },
    {
      "cve": "CVE-2025-23163",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-23163"
    },
    {
      "cve": "CVE-2025-37766",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-37766"
    },
    {
      "cve": "CVE-2025-37770",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-37770"
    },
    {
      "cve": "CVE-2025-37797",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-37797"
    },
    {
      "cve": "CVE-2025-37798",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-37798"
    },
    {
      "cve": "CVE-2025-37799",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T043337",
          "67646",
          "T000126",
          "398363",
          "T004914"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-37799"
    }
  ]
}

ghsa-pgwx-747m-9mgh

Vulnerability from github

Published

2025-05-02 18:31

Modified

2025-11-10 18:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

net: caif: Fix use-after-free in cfusbl_device_notify()

syzbot reported use-after-free in cfusbl_device_notify() [1]. This causes a stack trace like below:

BUG: KASAN: use-after-free in cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 Read of size 8 at addr ffff88807ac4e6f0 by task kworker/u4:6/1214

CPU: 0 PID: 1214 Comm: kworker/u4:6 Not tainted 5.19.0-rc3-syzkaller-00146-g92f20ff72066 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: netns cleanup_net Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0xeb/0x467 mm/kasan/report.c:313 print_report mm/kasan/report.c:429 [inline] kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491 cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 notifier_call_chain+0xb5/0x200 kernel/notifier.c:87 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1945 call_netdevice_notifiers_extack net/core/dev.c:1983 [inline] call_netdevice_notifiers net/core/dev.c:1997 [inline] netdev_wait_allrefs_any net/core/dev.c:10227 [inline] netdev_run_todo+0xbc0/0x10f0 net/core/dev.c:10341 default_device_exit_batch+0x44e/0x590 net/core/dev.c:11334 ops_exit_list+0x125/0x170 net/core/net_namespace.c:167 cleanup_net+0x4ea/0xb00 net/core/net_namespace.c:594 process_one_work+0x996/0x1610 kernel/workqueue.c:2289 worker_thread+0x665/0x1080 kernel/workqueue.c:2436 kthread+0x2e9/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302

When unregistering a net device, unregister_netdevice_many_notify() sets the device's reg_state to NETREG_UNREGISTERING, calls notifiers with NETDEV_UNREGISTER, and adds the device to the todo list.

Later on, devices in the todo list are processed by netdev_run_todo(). netdev_run_todo() waits devices' reference count become 1 while rebdoadcasting NETDEV_UNREGISTER notification.

When cfusbl_device_notify() is called with NETDEV_UNREGISTER multiple times, the parent device might be freed. This could cause UAF. Processing NETDEV_UNREGISTER multiple times also causes inbalance of reference count for the module.

This patch fixes the issue by accepting only first NETDEV_UNREGISTER notification.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-53138"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-02T16:15:32Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: caif: Fix use-after-free in cfusbl_device_notify()\n\nsyzbot reported use-after-free in cfusbl_device_notify() [1].  This\ncauses a stack trace like below:\n\nBUG: KASAN: use-after-free in cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138\nRead of size 8 at addr ffff88807ac4e6f0 by task kworker/u4:6/1214\n\nCPU: 0 PID: 1214 Comm: kworker/u4:6 Not tainted 5.19.0-rc3-syzkaller-00146-g92f20ff72066 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0xeb/0x467 mm/kasan/report.c:313\n print_report mm/kasan/report.c:429 [inline]\n kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491\n cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138\n notifier_call_chain+0xb5/0x200 kernel/notifier.c:87\n call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1945\n call_netdevice_notifiers_extack net/core/dev.c:1983 [inline]\n call_netdevice_notifiers net/core/dev.c:1997 [inline]\n netdev_wait_allrefs_any net/core/dev.c:10227 [inline]\n netdev_run_todo+0xbc0/0x10f0 net/core/dev.c:10341\n default_device_exit_batch+0x44e/0x590 net/core/dev.c:11334\n ops_exit_list+0x125/0x170 net/core/net_namespace.c:167\n cleanup_net+0x4ea/0xb00 net/core/net_namespace.c:594\n process_one_work+0x996/0x1610 kernel/workqueue.c:2289\n worker_thread+0x665/0x1080 kernel/workqueue.c:2436\n kthread+0x2e9/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302\n \u003c/TASK\u003e\n\nWhen unregistering a net device, unregister_netdevice_many_notify()\nsets the device\u0027s reg_state to NETREG_UNREGISTERING, calls notifiers\nwith NETDEV_UNREGISTER, and adds the device to the todo list.\n\nLater on, devices in the todo list are processed by netdev_run_todo().\nnetdev_run_todo() waits devices\u0027 reference count become 1 while\nrebdoadcasting NETDEV_UNREGISTER notification.\n\nWhen cfusbl_device_notify() is called with NETDEV_UNREGISTER multiple\ntimes, the parent device might be freed.  This could cause UAF.\nProcessing NETDEV_UNREGISTER multiple times also causes inbalance of\nreference count for the module.\n\nThis patch fixes the issue by accepting only first NETDEV_UNREGISTER\nnotification.",
  "id": "GHSA-pgwx-747m-9mgh",
  "modified": "2025-11-10T18:30:30Z",
  "published": "2025-05-02T18:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53138"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1793da97a23e31c5bf06631f3f3e5a25f368fd64"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/287027d8a567168a5d8ce5cb0cba16a34791a48c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3f14457e1584224f4296af613bbd99deb60b5d91"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/68a45c3cf0e2242a533657f4f535d9b6a7447a79"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9781e98a97110f5e76999058368b4be76a788484"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9dc16be373b382ddd4c274052a6e870a95e76c01"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c3aaec463a632cf4187dc017e421bfa69d7834a9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d1a11bbdbb5ea9f172019c5a4a3e9d8eabd72179"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2023-53138

Vulnerability from fkie_nvd

Published

2025-05-02 16:15

Modified

2025-11-10 17:39

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1793da97a23e31c5bf06631f3f3e5a25f368fd64	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/287027d8a567168a5d8ce5cb0cba16a34791a48c	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3f14457e1584224f4296af613bbd99deb60b5d91	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/68a45c3cf0e2242a533657f4f535d9b6a7447a79	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9781e98a97110f5e76999058368b4be76a788484	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/9dc16be373b382ddd4c274052a6e870a95e76c01	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c3aaec463a632cf4187dc017e421bfa69d7834a9	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d1a11bbdbb5ea9f172019c5a4a3e9d8eabd72179	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	6.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DECA7B-812B-4717-9679-38537FD30B5C",
              "versionEndExcluding": "4.14.310",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BE5A05F-B15B-4F08-BCE4-7DF115602DC3",
              "versionEndExcluding": "4.19.278",
              "versionStartIncluding": "4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "229D3E63-7A14-4507-9222-7E4821F6FF3F",
              "versionEndExcluding": "5.4.237",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEA15466-227B-46FF-B5A8-1E8679056A83",
              "versionEndExcluding": "5.10.175",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A57CCEF-C453-48CE-9A6E-71A03C369F61",
              "versionEndExcluding": "5.15.103",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B22D8949-72A1-4CED-8318-A040635DEEBE",
              "versionEndExcluding": "6.1.20",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFEDDF17-189C-4901-BD6B-41752E80AAA4",
              "versionEndExcluding": "6.2.7",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: caif: Fix use-after-free in cfusbl_device_notify()\n\nsyzbot reported use-after-free in cfusbl_device_notify() [1].  This\ncauses a stack trace like below:\n\nBUG: KASAN: use-after-free in cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138\nRead of size 8 at addr ffff88807ac4e6f0 by task kworker/u4:6/1214\n\nCPU: 0 PID: 1214 Comm: kworker/u4:6 Not tainted 5.19.0-rc3-syzkaller-00146-g92f20ff72066 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0xeb/0x467 mm/kasan/report.c:313\n print_report mm/kasan/report.c:429 [inline]\n kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491\n cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138\n notifier_call_chain+0xb5/0x200 kernel/notifier.c:87\n call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1945\n call_netdevice_notifiers_extack net/core/dev.c:1983 [inline]\n call_netdevice_notifiers net/core/dev.c:1997 [inline]\n netdev_wait_allrefs_any net/core/dev.c:10227 [inline]\n netdev_run_todo+0xbc0/0x10f0 net/core/dev.c:10341\n default_device_exit_batch+0x44e/0x590 net/core/dev.c:11334\n ops_exit_list+0x125/0x170 net/core/net_namespace.c:167\n cleanup_net+0x4ea/0xb00 net/core/net_namespace.c:594\n process_one_work+0x996/0x1610 kernel/workqueue.c:2289\n worker_thread+0x665/0x1080 kernel/workqueue.c:2436\n kthread+0x2e9/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302\n \u003c/TASK\u003e\n\nWhen unregistering a net device, unregister_netdevice_many_notify()\nsets the device\u0027s reg_state to NETREG_UNREGISTERING, calls notifiers\nwith NETDEV_UNREGISTER, and adds the device to the todo list.\n\nLater on, devices in the todo list are processed by netdev_run_todo().\nnetdev_run_todo() waits devices\u0027 reference count become 1 while\nrebdoadcasting NETDEV_UNREGISTER notification.\n\nWhen cfusbl_device_notify() is called with NETDEV_UNREGISTER multiple\ntimes, the parent device might be freed.  This could cause UAF.\nProcessing NETDEV_UNREGISTER multiple times also causes inbalance of\nreference count for the module.\n\nThis patch fixes the issue by accepting only first NETDEV_UNREGISTER\nnotification."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: caif: Se corrige el use-after-free en cfusbl_device_notify() syzbot inform\u00f3 el use-after-free en cfusbl_device_notify() [1]. Esto provoca un seguimiento de pila como el siguiente: ERROR: KASAN: use-after-free en cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 Lectura de tama\u00f1o 8 en la direcci\u00f3n ffff88807ac4e6f0 por la tarea kworker/u4:6/1214 CPU: 0 PID: 1214 Comm: kworker/u4:6 No contaminado 5.19.0-rc3-syzkaller-00146-g92f20ff72066 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Cola de trabajo: netns cleanup_net Seguimiento de llamadas:  __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0xeb/0x467 mm/kasan/report.c:313 print_report mm/kasan/report.c:429 [inline] kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491 cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138 notifier_call_chain+0xb5/0x200 kernel/notifier.c:87 call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1945 call_netdevice_notifiers_extack net/core/dev.c:1983 [inline] call_netdevice_notifiers net/core/dev.c:1997 [inline] netdev_wait_allrefs_any net/core/dev.c:10227 [inline] netdev_run_todo+0xbc0/0x10f0 net/core/dev.c:10341 default_device_exit_batch+0x44e/0x590 net/core/dev.c:11334 ops_exit_list+0x125/0x170 net/core/net_namespace.c:167 cleanup_net+0x4ea/0xb00 net/core/net_namespace.c:594 process_one_work+0x996/0x1610 kernel/workqueue.c:2289 worker_thread+0x665/0x1080 kernel/workqueue.c:2436 kthread+0x2e9/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302  Al anular el registro de un dispositivo de red, unregister_netdevice_many_notify() establece el estado del dispositivo en NETREG_UNREGISTERING, llama a los notificadores con NETDEV_UNREGISTER y a\u00f1ade el dispositivo a la lista de tareas pendientes. Posteriormente, netdev_run_todo() procesa los dispositivos de la lista de tareas pendientes. netdev_run_todo() espera a que el recuento de referencias de los dispositivos llegue a 1 mientras retransmite la notificaci\u00f3n NETDEV_UNREGISTER. Si se llama a cfusbl_device_notify() con NETDEV_UNREGISTER varias veces, el dispositivo principal podr\u00eda liberarse. Esto podr\u00eda causar un UAF. Procesar NETDEV_UNREGISTER varias veces tambi\u00e9n provoca un desequilibrio en el recuento de referencias del m\u00f3dulo. Este parche soluciona el problema aceptando solo la primera notificaci\u00f3n NETDEV_UNREGISTER."
    }
  ],
  "id": "CVE-2023-53138",
  "lastModified": "2025-11-10T17:39:03.013",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-05-02T16:15:32.720",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1793da97a23e31c5bf06631f3f3e5a25f368fd64"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/287027d8a567168a5d8ce5cb0cba16a34791a48c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3f14457e1584224f4296af613bbd99deb60b5d91"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/68a45c3cf0e2242a533657f4f535d9b6a7447a79"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9781e98a97110f5e76999058368b4be76a788484"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9dc16be373b382ddd4c274052a6e870a95e76c01"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c3aaec463a632cf4187dc017e421bfa69d7834a9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d1a11bbdbb5ea9f172019c5a4a3e9d8eabd72179"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-53138 (GCVE-0-2023-53138)

Vulnerability from cvelistv5

wid-sec-w-2025-0932

Vulnerability from csaf_certbund

ghsa-pgwx-747m-9mgh

Vulnerability from github

fkie_cve-2023-53138

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature