Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-21643 (GCVE-0-2025-21643)
Vulnerability from cvelistv5
Published
2025-01-19 10:17
Modified
2025-05-04 07:18
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix kernel async DIO
Netfslib needs to be able to handle kernel-initiated asynchronous DIO that
is supplied with a bio_vec[] array. Currently, because of the async flag,
this gets passed to netfs_extract_user_iter() which throws a warning and
fails because it only handles IOVEC and UBUF iterators. This can be
triggered through a combination of cifs and a loopback blockdev with
something like:
mount //my/cifs/share /foo
dd if=/dev/zero of=/foo/m0 bs=4K count=1K
losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0
echo hello >/dev/loop2046
This causes the following to appear in syslog:
WARNING: CPU: 2 PID: 109 at fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs]
and the write to fail.
Fix this by removing the check in netfs_unbuffered_write_iter_locked() that
causes async kernel DIO writes to be handled as userspace writes. Note
that this change relies on the kernel caller maintaining the existence of
the bio_vec array (or kvec[] or folio_queue) until the op is complete.
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/netfs/direct_write.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9f3a265836844eda30bf34c2584b8011fd4f0f49",
"status": "affected",
"version": "153a9961b551101cd38e94e26cd92fbfd198b19b",
"versionType": "git"
},
{
"lessThan": "3f6bc9e3ab9b127171d39f9ac6eca1abb693b731",
"status": "affected",
"version": "153a9961b551101cd38e94e26cd92fbfd198b19b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/netfs/direct_write.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.13",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.10",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13",
"versionStartIncluding": "6.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Fix kernel async DIO\n\nNetfslib needs to be able to handle kernel-initiated asynchronous DIO that\nis supplied with a bio_vec[] array. Currently, because of the async flag,\nthis gets passed to netfs_extract_user_iter() which throws a warning and\nfails because it only handles IOVEC and UBUF iterators. This can be\ntriggered through a combination of cifs and a loopback blockdev with\nsomething like:\n\n mount //my/cifs/share /foo\n dd if=/dev/zero of=/foo/m0 bs=4K count=1K\n losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0\n echo hello \u003e/dev/loop2046\n\nThis causes the following to appear in syslog:\n\n WARNING: CPU: 2 PID: 109 at fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs]\n\nand the write to fail.\n\nFix this by removing the check in netfs_unbuffered_write_iter_locked() that\ncauses async kernel DIO writes to be handled as userspace writes. Note\nthat this change relies on the kernel caller maintaining the existence of\nthe bio_vec array (or kvec[] or folio_queue) until the op is complete."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:18:06.741Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9f3a265836844eda30bf34c2584b8011fd4f0f49"
},
{
"url": "https://git.kernel.org/stable/c/3f6bc9e3ab9b127171d39f9ac6eca1abb693b731"
}
],
"title": "netfs: Fix kernel async DIO",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-21643",
"datePublished": "2025-01-19T10:17:59.820Z",
"dateReserved": "2024-12-29T08:45:45.727Z",
"dateUpdated": "2025-05-04T07:18:06.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-21643\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-19T11:15:09.870\",\"lastModified\":\"2025-01-19T11:15:09.870\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfs: Fix kernel async DIO\\n\\nNetfslib needs to be able to handle kernel-initiated asynchronous DIO that\\nis supplied with a bio_vec[] array. Currently, because of the async flag,\\nthis gets passed to netfs_extract_user_iter() which throws a warning and\\nfails because it only handles IOVEC and UBUF iterators. This can be\\ntriggered through a combination of cifs and a loopback blockdev with\\nsomething like:\\n\\n mount //my/cifs/share /foo\\n dd if=/dev/zero of=/foo/m0 bs=4K count=1K\\n losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0\\n echo hello \u003e/dev/loop2046\\n\\nThis causes the following to appear in syslog:\\n\\n WARNING: CPU: 2 PID: 109 at fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs]\\n\\nand the write to fail.\\n\\nFix this by removing the check in netfs_unbuffered_write_iter_locked() that\\ncauses async kernel DIO writes to be handled as userspace writes. Note\\nthat this change relies on the kernel caller maintaining the existence of\\nthe bio_vec array (or kvec[] or folio_queue) until the op is complete.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3f6bc9e3ab9b127171d39f9ac6eca1abb693b731\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9f3a265836844eda30bf34c2584b8011fd4f0f49\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
wid-sec-w-2025-0119
Vulnerability from csaf_certbund
Published
2025-01-19 23:00
Modified
2025-08-12 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder andere nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder andere nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0119 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0119.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0119 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0119"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57904",
"url": "https://lore.kernel.org/linux-cve-announce/2025011934-CVE-2024-57904-dac5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57905",
"url": "https://lore.kernel.org/linux-cve-announce/2025011937-CVE-2024-57905-7d0d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57906",
"url": "https://lore.kernel.org/linux-cve-announce/2025011937-CVE-2024-57906-6e61@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57907",
"url": "https://lore.kernel.org/linux-cve-announce/2025011937-CVE-2024-57907-e5dd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57908",
"url": "https://lore.kernel.org/linux-cve-announce/2025011938-CVE-2024-57908-654f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57909",
"url": "https://lore.kernel.org/linux-cve-announce/2025011938-CVE-2024-57909-ed6a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57910",
"url": "https://lore.kernel.org/linux-cve-announce/2025011938-CVE-2024-57910-e4e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57911",
"url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2024-57911-0e13@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57912",
"url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2024-57912-6049@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57913",
"url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2024-57913-d69f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57914",
"url": "https://lore.kernel.org/linux-cve-announce/2025011940-CVE-2024-57914-33e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57915",
"url": "https://lore.kernel.org/linux-cve-announce/2025011940-CVE-2024-57915-fc93@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57916",
"url": "https://lore.kernel.org/linux-cve-announce/2025011940-CVE-2024-57916-4116@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57917",
"url": "https://lore.kernel.org/linux-cve-announce/2025011941-CVE-2024-57917-f1e1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57918",
"url": "https://lore.kernel.org/linux-cve-announce/2025011941-CVE-2024-57918-ad02@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57919",
"url": "https://lore.kernel.org/linux-cve-announce/2025011941-CVE-2024-57919-9800@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57920",
"url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2024-57920-b514@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57921",
"url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2024-57921-836d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57922",
"url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2024-57922-1f81@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57923",
"url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2024-57923-3c99@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57924",
"url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2024-57924-954a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57925",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2024-57925-b738@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57926",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2024-57926-023f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57927",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2024-57927-fb00@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57928",
"url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2024-57928-7291@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57929",
"url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2024-57929-2b82@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21631",
"url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2025-21631-5f2d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21632",
"url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2025-21632-9fde@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21633",
"url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2025-21633-a313@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21634",
"url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2025-21634-011f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21635",
"url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2025-21635-12e7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21636",
"url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2025-21636-0bb0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21637",
"url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2025-21637-3dde@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21638",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21638-35a8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21639",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21639-f1ca@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21640",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21640-4dd1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21641",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21641-0897@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21642",
"url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21642-5728@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21643",
"url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21643-f3f6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21644",
"url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21644-9113@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21645",
"url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21645-e342@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21646",
"url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21646-8f6e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21647",
"url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21647-51d8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21648",
"url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21648-bcda@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21649",
"url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21649-f7ac@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21650",
"url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21650-3a74@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21651",
"url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21651-fbe8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21652",
"url": "https://lore.kernel.org/linux-cve-announce/2025011947-CVE-2025-21652-95d7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21653",
"url": "https://lore.kernel.org/linux-cve-announce/2025011947-CVE-2025-21653-b6c0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21654",
"url": "https://lore.kernel.org/linux-cve-announce/2025011947-CVE-2025-21654-5eac@gregkh/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0289-1 vom 2025-01-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020239.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5860 vom 2025-02-08",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00023.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0428-1 vom 2025-02-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020311.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0499-1 vom 2025-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020336.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0557-1 vom 2025-02-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020350.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0565-1 vom 2025-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020360.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0564-1 vom 2025-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020361.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2025-094 vom 2025-02-25",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2025-094.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2025-063 vom 2025-02-25",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2025-063.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4075 vom 2025-03-01",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4076 vom 2025-03-01",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0784-1 vom 2025-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020484.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0833-1 vom 2025-03-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NVOTJPDFQQWPNLUFPKTQVNNMK5RQPZGP/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0833-2 vom 2025-03-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020502.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0834-1 vom 2025-03-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020497.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0847-1 vom 2025-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020505.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0853-1 vom 2025-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020506.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2025-082 vom 2025-03-14",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2025-082.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2025-067 vom 2025-03-14",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2025-067.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2025-085 vom 2025-03-14",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2025-085.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0856-1 vom 2025-03-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/OSPHACQPT5GWCIN3WJL55RCYA4OHTBLI/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0856-1 vom 2025-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020508.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0856-1 vom 2025-03-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OSPHACQPT5GWCIN3WJL55RCYA4OHTBLI/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0955-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020563.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-206 vom 2025-03-26",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-206.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7388-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7388-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7381-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7381-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7382-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7382-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7387-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7387-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7380-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7380-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7379-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7379-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7387-3 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7387-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7391-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7391-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7392-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7390-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7390-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7393-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7393-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-2 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7392-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7389-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7389-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7387-2 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7387-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7401-1 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7401-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2025-097 vom 2025-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2025-097.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-4 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7392-4"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-208 vom 2025-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-208.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-209 vom 2025-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-209.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-210 vom 2025-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-210.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-3 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7392-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7379-2 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7379-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7407-1 vom 2025-04-02",
"url": "https://ubuntu.com/security/notices/USN-7407-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7413-1 vom 2025-04-03",
"url": "https://ubuntu.com/security/notices/USN-7413-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7421-1 vom 2025-04-07",
"url": "https://ubuntu.com/security/notices/USN-7421-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1177-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020670.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1178-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020674.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1180-1 vom 2025-04-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DGJ23MSZWYIA7MJ47RNVV6T27Z324VKA/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7459-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7459-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7463-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7463-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7458-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7458-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7459-2 vom 2025-04-28",
"url": "https://ubuntu.com/security/notices/USN-7459-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:6966 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:6966"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7423 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:7423"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7515-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7515-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7516-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7513-2 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7513-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7514-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7514-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7510-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7513-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7513-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-2 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7510-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7511-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7511-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7512-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7512-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-2 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7511-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7517-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7517-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7518-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7518-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7511-3 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7511-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7523-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7523-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7522-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7522-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-3 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7516-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7515-2 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7515-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7513-3 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7513-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01600-1 vom 2025-05-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020854.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-3 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7510-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-4 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7510-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-5 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7510-5"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01614-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020870.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7517-2 vom 2025-05-21",
"url": "https://ubuntu.com/security/notices/USN-7517-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-4 vom 2025-05-21",
"url": "https://ubuntu.com/security/notices/USN-7516-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-5 vom 2025-05-23",
"url": "https://ubuntu.com/security/notices/USN-7516-5"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7903 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7903.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7423 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7423.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5925 vom 2025-05-24",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00088.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4178 vom 2025-05-26",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7524-1 vom 2025-05-26",
"url": "https://ubuntu.com/security/notices/USN-7524-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01707-1 vom 2025-05-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020902.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-6 vom 2025-05-26",
"url": "https://ubuntu.com/security/notices/USN-7516-6"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-6 vom 2025-05-27",
"url": "https://ubuntu.com/security/notices/USN-7510-6"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7540-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7540-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-7 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7510-7"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7513-4 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7513-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7539-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7539-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20343-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020965.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-8 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7510-8"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7513-5 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7513-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-7 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7516-7"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20344-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020964.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-8 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7516-8"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-9 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7516-9"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-213 vom 2025-05-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000326299/dsa-2025-213-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-multiple-third-party-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20355-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021015.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20354-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021016.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20249-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021072.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20248-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021074.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20260-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021058.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20270-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021056.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20192-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021150.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20190-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021154.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20165-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021174.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20166-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021176.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01919-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01951-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021509.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01967-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01964-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021531.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01965-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021535.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20408-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021550.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20413-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021547.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01972-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021537.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01983-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021538.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02000-1 vom 2025-06-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021568.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20421-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021590.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20419-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021591.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7593-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7593-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7595-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7595-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7595-2 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7595-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7596-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7596-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7596-2 vom 2025-06-25",
"url": "https://ubuntu.com/security/notices/USN-7596-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7595-3 vom 2025-06-25",
"url": "https://ubuntu.com/security/notices/USN-7595-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7602-1 vom 2025-06-26",
"url": "https://ubuntu.com/security/notices/USN-7602-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7595-4 vom 2025-06-26",
"url": "https://ubuntu.com/security/notices/USN-7595-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7595-5 vom 2025-06-30",
"url": "https://ubuntu.com/security/notices/USN-7595-5"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20406 vom 2025-07-08",
"url": "https://linux.oracle.com/errata/ELSA-2025-20406.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7640-1 vom 2025-07-16",
"url": "https://ubuntu.com/security/notices/USN-7640-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7653-1 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7653-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4271 vom 2025-08-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-12T22:00:00.000+00:00",
"generator": {
"date": "2025-08-13T06:27:12.144+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0119",
"initial_release_date": "2025-01-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-29T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-09T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-02-11T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-16T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-17T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-25T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-03-02T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-03-05T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-11T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-12T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2025-03-19T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-26T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-03-27T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu und Amazon aufgenommen"
},
{
"date": "2025-04-02T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-03T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-07T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-24T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-28T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-13T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-19T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2025-05-21T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2025-05-22T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2025-05-25T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-05-26T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Debian, Ubuntu und SUSE aufgenommen"
},
{
"date": "2025-05-27T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-15T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-16T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-23T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-25T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "50",
"summary": "Referenz(en) aufgenommen:"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von Debian aufgenommen"
}
],
"status": "final",
"version": "51"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Avamar",
"product": {
"name": "Dell Avamar",
"product_id": "T039664",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:-"
}
}
},
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T008144",
"product_identification_helper": {
"cpe": "cpe:/a:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-57904",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57904"
},
{
"cve": "CVE-2024-57905",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57905"
},
{
"cve": "CVE-2024-57906",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57906"
},
{
"cve": "CVE-2024-57907",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57907"
},
{
"cve": "CVE-2024-57908",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57908"
},
{
"cve": "CVE-2024-57909",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57909"
},
{
"cve": "CVE-2024-57910",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57910"
},
{
"cve": "CVE-2024-57911",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57911"
},
{
"cve": "CVE-2024-57912",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57912"
},
{
"cve": "CVE-2024-57913",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57913"
},
{
"cve": "CVE-2024-57914",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57914"
},
{
"cve": "CVE-2024-57915",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57915"
},
{
"cve": "CVE-2024-57916",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57916"
},
{
"cve": "CVE-2024-57917",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57917"
},
{
"cve": "CVE-2024-57918",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57918"
},
{
"cve": "CVE-2024-57919",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57919"
},
{
"cve": "CVE-2024-57920",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57920"
},
{
"cve": "CVE-2024-57921",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57921"
},
{
"cve": "CVE-2024-57922",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57922"
},
{
"cve": "CVE-2024-57923",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57923"
},
{
"cve": "CVE-2024-57924",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57925",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57925"
},
{
"cve": "CVE-2024-57926",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57926"
},
{
"cve": "CVE-2024-57927",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57927"
},
{
"cve": "CVE-2024-57928",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57928"
},
{
"cve": "CVE-2024-57929",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2024-57929"
},
{
"cve": "CVE-2025-21631",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21632",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21632"
},
{
"cve": "CVE-2025-21633",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21633"
},
{
"cve": "CVE-2025-21634",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21634"
},
{
"cve": "CVE-2025-21635",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21636",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21636"
},
{
"cve": "CVE-2025-21637",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21637"
},
{
"cve": "CVE-2025-21638",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21641",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21641"
},
{
"cve": "CVE-2025-21642",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21642"
},
{
"cve": "CVE-2025-21643",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21643"
},
{
"cve": "CVE-2025-21644",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21644"
},
{
"cve": "CVE-2025-21645",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21645"
},
{
"cve": "CVE-2025-21646",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21646"
},
{
"cve": "CVE-2025-21647",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21648",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21649",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21649"
},
{
"cve": "CVE-2025-21650",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21650"
},
{
"cve": "CVE-2025-21651",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21651"
},
{
"cve": "CVE-2025-21652",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21652"
},
{
"cve": "CVE-2025-21653",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21653"
},
{
"cve": "CVE-2025-21654",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T034583",
"398363",
"T004914",
"T008144",
"T039664"
]
},
"release_date": "2025-01-19T23:00:00.000+00:00",
"title": "CVE-2025-21654"
}
]
}
ghsa-h8fh-268c-fhwm
Vulnerability from github
Published
2025-01-19 12:31
Modified
2025-01-19 12:31
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix kernel async DIO
Netfslib needs to be able to handle kernel-initiated asynchronous DIO that is supplied with a bio_vec[] array. Currently, because of the async flag, this gets passed to netfs_extract_user_iter() which throws a warning and fails because it only handles IOVEC and UBUF iterators. This can be triggered through a combination of cifs and a loopback blockdev with something like:
mount //my/cifs/share /foo
dd if=/dev/zero of=/foo/m0 bs=4K count=1K
losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0
echo hello >/dev/loop2046
This causes the following to appear in syslog:
WARNING: CPU: 2 PID: 109 at fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs]
and the write to fail.
Fix this by removing the check in netfs_unbuffered_write_iter_locked() that causes async kernel DIO writes to be handled as userspace writes. Note that this change relies on the kernel caller maintaining the existence of the bio_vec array (or kvec[] or folio_queue) until the op is complete.
{
"affected": [],
"aliases": [
"CVE-2025-21643"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-19T11:15:09Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Fix kernel async DIO\n\nNetfslib needs to be able to handle kernel-initiated asynchronous DIO that\nis supplied with a bio_vec[] array. Currently, because of the async flag,\nthis gets passed to netfs_extract_user_iter() which throws a warning and\nfails because it only handles IOVEC and UBUF iterators. This can be\ntriggered through a combination of cifs and a loopback blockdev with\nsomething like:\n\n mount //my/cifs/share /foo\n dd if=/dev/zero of=/foo/m0 bs=4K count=1K\n losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0\n echo hello \u003e/dev/loop2046\n\nThis causes the following to appear in syslog:\n\n WARNING: CPU: 2 PID: 109 at fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs]\n\nand the write to fail.\n\nFix this by removing the check in netfs_unbuffered_write_iter_locked() that\ncauses async kernel DIO writes to be handled as userspace writes. Note\nthat this change relies on the kernel caller maintaining the existence of\nthe bio_vec array (or kvec[] or folio_queue) until the op is complete.",
"id": "GHSA-h8fh-268c-fhwm",
"modified": "2025-01-19T12:31:25Z",
"published": "2025-01-19T12:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21643"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3f6bc9e3ab9b127171d39f9ac6eca1abb693b731"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9f3a265836844eda30bf34c2584b8011fd4f0f49"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2025-21643
Vulnerability from fkie_nvd
Published
2025-01-19 11:15
Modified
2025-01-19 11:15
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix kernel async DIO
Netfslib needs to be able to handle kernel-initiated asynchronous DIO that
is supplied with a bio_vec[] array. Currently, because of the async flag,
this gets passed to netfs_extract_user_iter() which throws a warning and
fails because it only handles IOVEC and UBUF iterators. This can be
triggered through a combination of cifs and a loopback blockdev with
something like:
mount //my/cifs/share /foo
dd if=/dev/zero of=/foo/m0 bs=4K count=1K
losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0
echo hello >/dev/loop2046
This causes the following to appear in syslog:
WARNING: CPU: 2 PID: 109 at fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs]
and the write to fail.
Fix this by removing the check in netfs_unbuffered_write_iter_locked() that
causes async kernel DIO writes to be handled as userspace writes. Note
that this change relies on the kernel caller maintaining the existence of
the bio_vec array (or kvec[] or folio_queue) until the op is complete.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Fix kernel async DIO\n\nNetfslib needs to be able to handle kernel-initiated asynchronous DIO that\nis supplied with a bio_vec[] array. Currently, because of the async flag,\nthis gets passed to netfs_extract_user_iter() which throws a warning and\nfails because it only handles IOVEC and UBUF iterators. This can be\ntriggered through a combination of cifs and a loopback blockdev with\nsomething like:\n\n mount //my/cifs/share /foo\n dd if=/dev/zero of=/foo/m0 bs=4K count=1K\n losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0\n echo hello \u003e/dev/loop2046\n\nThis causes the following to appear in syslog:\n\n WARNING: CPU: 2 PID: 109 at fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs]\n\nand the write to fail.\n\nFix this by removing the check in netfs_unbuffered_write_iter_locked() that\ncauses async kernel DIO writes to be handled as userspace writes. Note\nthat this change relies on the kernel caller maintaining the existence of\nthe bio_vec array (or kvec[] or folio_queue) until the op is complete."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfs: Se corrige el error DIO asincr\u00f3nico del kernel Netfslib debe poder gestionar el error DIO asincr\u00f3nico iniciado por el kernel que se suministra con una matriz bio_vec[]. Actualmente, debido al indicador async, esto se pasa a netfs_extract_user_iter() que lanza una advertencia y falla porque solo gestiona iteradores IOVEC y UBUF. Esto se puede activar a trav\u00e9s de una combinaci\u00f3n de cifs y un blockdev de bucle invertido con algo como: mount //my/cifs/share /foo dd if=/dev/zero of=/foo/m0 bs=4K count=1K losetup --sector-size 4096 --direct-io=on /dev/loop2046 /foo/m0 echo hello \u0026gt;/dev/loop2046 Esto hace que aparezca lo siguiente en syslog: ADVERTENCIA: CPU: 2 PID: 109 en fs/netfs/iterator.c:50 netfs_extract_user_iter+0x170/0x250 [netfs] y que la escritura falle. Solucione esto eliminando la comprobaci\u00f3n en netfs_unbuffered_write_iter_locked() que hace que las escrituras DIO del kernel as\u00edncronas se gestionen como escrituras del espacio de usuario. Tenga en cuenta que este cambio depende de que el llamador del n\u00facleo mantenga la existencia de la matriz bio_vec (o kvec[] o folio_queue) hasta que se complete la operaci\u00f3n."
}
],
"id": "CVE-2025-21643",
"lastModified": "2025-01-19T11:15:09.870",
"metrics": {},
"published": "2025-01-19T11:15:09.870",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/3f6bc9e3ab9b127171d39f9ac6eca1abb693b731"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/9f3a265836844eda30bf34c2584b8011fd4f0f49"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…