Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-39836 (GCVE-0-2025-39836)
Vulnerability from cvelistv5
Published
2025-09-16 13:08
Modified
2025-09-29 06:00
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
efi: stmm: Fix incorrect buffer allocation method
The communication buffer allocated by setup_mm_hdr() is later on passed
to tee_shm_register_kernel_buf(). The latter expects those buffers to be
contiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause
various corruptions or BUGs, specifically since commit 9aec2fb0fd5e
("slab: allocate frozen pages"), though it was broken before as well.
Fix this by using alloc_pages_exact() instead of kmalloc().
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/firmware/efi/stmm/tee_stmm_efi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "77ff27ff0e4529a003c8a1c2492c111968c378d3",
"status": "affected",
"version": "c44b6be62e8dd4ee0a308c36a70620613e6fc55f",
"versionType": "git"
},
{
"lessThan": "630c0e6064daf84f17aad1a7d9ca76b562e3fe47",
"status": "affected",
"version": "c44b6be62e8dd4ee0a308c36a70620613e6fc55f",
"versionType": "git"
},
{
"lessThan": "c5e81e672699e0c5557b2b755cc8f7a69aa92bff",
"status": "affected",
"version": "c44b6be62e8dd4ee0a308c36a70620613e6fc55f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/firmware/efi/stmm/tee_stmm_efi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.45",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.16.*",
"status": "unaffected",
"version": "6.16.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.45",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.16.5",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.17",
"versionStartIncluding": "6.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: stmm: Fix incorrect buffer allocation method\n\nThe communication buffer allocated by setup_mm_hdr() is later on passed\nto tee_shm_register_kernel_buf(). The latter expects those buffers to be\ncontiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause\nvarious corruptions or BUGs, specifically since commit 9aec2fb0fd5e\n(\"slab: allocate frozen pages\"), though it was broken before as well.\n\nFix this by using alloc_pages_exact() instead of kmalloc()."
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T06:00:40.674Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/77ff27ff0e4529a003c8a1c2492c111968c378d3"
},
{
"url": "https://git.kernel.org/stable/c/630c0e6064daf84f17aad1a7d9ca76b562e3fe47"
},
{
"url": "https://git.kernel.org/stable/c/c5e81e672699e0c5557b2b755cc8f7a69aa92bff"
}
],
"title": "efi: stmm: Fix incorrect buffer allocation method",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-39836",
"datePublished": "2025-09-16T13:08:52.326Z",
"dateReserved": "2025-04-16T07:20:57.141Z",
"dateUpdated": "2025-09-29T06:00:40.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-39836\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-09-16T14:15:51.983\",\"lastModified\":\"2025-09-17T14:18:55.093\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nefi: stmm: Fix incorrect buffer allocation method\\n\\nThe communication buffer allocated by setup_mm_hdr() is later on passed\\nto tee_shm_register_kernel_buf(). The latter expects those buffers to be\\ncontiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause\\nvarious corruptions or BUGs, specifically since commit 9aec2fb0fd5e\\n(\\\"slab: allocate frozen pages\\\"), though it was broken before as well.\\n\\nFix this by using alloc_pages_exact() instead of kmalloc().\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/630c0e6064daf84f17aad1a7d9ca76b562e3fe47\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/77ff27ff0e4529a003c8a1c2492c111968c378d3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c5e81e672699e0c5557b2b755cc8f7a69aa92bff\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
fkie_cve-2025-39836
Vulnerability from fkie_nvd
Published
2025-09-16 14:15
Modified
2025-09-17 14:18
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
efi: stmm: Fix incorrect buffer allocation method
The communication buffer allocated by setup_mm_hdr() is later on passed
to tee_shm_register_kernel_buf(). The latter expects those buffers to be
contiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause
various corruptions or BUGs, specifically since commit 9aec2fb0fd5e
("slab: allocate frozen pages"), though it was broken before as well.
Fix this by using alloc_pages_exact() instead of kmalloc().
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/630c0e6064daf84f17aad1a7d9ca76b562e3fe47 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/77ff27ff0e4529a003c8a1c2492c111968c378d3 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/c5e81e672699e0c5557b2b755cc8f7a69aa92bff |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: stmm: Fix incorrect buffer allocation method\n\nThe communication buffer allocated by setup_mm_hdr() is later on passed\nto tee_shm_register_kernel_buf(). The latter expects those buffers to be\ncontiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause\nvarious corruptions or BUGs, specifically since commit 9aec2fb0fd5e\n(\"slab: allocate frozen pages\"), though it was broken before as well.\n\nFix this by using alloc_pages_exact() instead of kmalloc()."
}
],
"id": "CVE-2025-39836",
"lastModified": "2025-09-17T14:18:55.093",
"metrics": {},
"published": "2025-09-16T14:15:51.983",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/630c0e6064daf84f17aad1a7d9ca76b562e3fe47"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/77ff27ff0e4529a003c8a1c2492c111968c378d3"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/c5e81e672699e0c5557b2b755cc8f7a69aa92bff"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
CERTFR-2025-AVI-0825
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian trixie versions ant\u00e9rieures \u00e0 6.12.48-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.153-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-38453",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38453"
},
{
"name": "CVE-2025-39812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39812"
},
{
"name": "CVE-2025-38711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38711"
},
{
"name": "CVE-2025-39723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39723"
},
{
"name": "CVE-2025-39808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39808"
},
{
"name": "CVE-2025-39757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39757"
},
{
"name": "CVE-2025-39772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39772"
},
{
"name": "CVE-2025-39826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39826"
},
{
"name": "CVE-2025-39716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39716"
},
{
"name": "CVE-2025-39702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39702"
},
{
"name": "CVE-2025-39779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39779"
},
{
"name": "CVE-2025-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39685"
},
{
"name": "CVE-2025-39765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39765"
},
{
"name": "CVE-2025-39720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39720"
},
{
"name": "CVE-2025-39827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39827"
},
{
"name": "CVE-2025-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39828"
},
{
"name": "CVE-2025-22125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22125"
},
{
"name": "CVE-2025-39811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39811"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38708"
},
{
"name": "CVE-2025-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22103"
},
{
"name": "CVE-2025-39701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39701"
},
{
"name": "CVE-2025-39709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39709"
},
{
"name": "CVE-2025-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39689"
},
{
"name": "CVE-2025-39787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39787"
},
{
"name": "CVE-2025-38734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38734"
},
{
"name": "CVE-2025-38695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38695"
},
{
"name": "CVE-2025-39749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39749"
},
{
"name": "CVE-2025-39700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39700"
},
{
"name": "CVE-2025-39866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39866"
},
{
"name": "CVE-2025-39843",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39843"
},
{
"name": "CVE-2025-23160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23160"
},
{
"name": "CVE-2025-39751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39751"
},
{
"name": "CVE-2025-39681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39681"
},
{
"name": "CVE-2025-39770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39770"
},
{
"name": "CVE-2025-38706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38706"
},
{
"name": "CVE-2025-38699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38699"
},
{
"name": "CVE-2025-38707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38707"
},
{
"name": "CVE-2025-39692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39692"
},
{
"name": "CVE-2025-38677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38677"
},
{
"name": "CVE-2025-39853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39853"
},
{
"name": "CVE-2025-39857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39857"
},
{
"name": "CVE-2025-39865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39865"
},
{
"name": "CVE-2025-39675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39675"
},
{
"name": "CVE-2025-39679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39679"
},
{
"name": "CVE-2025-38693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38693"
},
{
"name": "CVE-2025-38679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38679"
},
{
"name": "CVE-2025-38685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38685"
},
{
"name": "CVE-2025-38502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38502"
},
{
"name": "CVE-2025-39838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39838"
},
{
"name": "CVE-2025-39823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39823"
},
{
"name": "CVE-2025-39864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39864"
},
{
"name": "CVE-2025-39824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39824"
},
{
"name": "CVE-2025-39737",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39737"
},
{
"name": "CVE-2025-38702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38702"
},
{
"name": "CVE-2025-38724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
},
{
"name": "CVE-2025-38698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38698"
},
{
"name": "CVE-2025-21751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21751"
},
{
"name": "CVE-2025-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39842"
},
{
"name": "CVE-2025-39815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39815"
},
{
"name": "CVE-2025-37931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37931"
},
{
"name": "CVE-2025-39849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39849"
},
{
"name": "CVE-2025-39861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39861"
},
{
"name": "CVE-2025-39743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39743"
},
{
"name": "CVE-2025-39718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39718"
},
{
"name": "CVE-2025-38712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38712"
},
{
"name": "CVE-2025-38732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38732"
},
{
"name": "CVE-2025-39773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39773"
},
{
"name": "CVE-2025-38696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38696"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-39722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39722"
},
{
"name": "CVE-2025-38670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
},
{
"name": "CVE-2025-39845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39845"
},
{
"name": "CVE-2025-39788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39788"
},
{
"name": "CVE-2025-39791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39791"
},
{
"name": "CVE-2025-38735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38735"
},
{
"name": "CVE-2025-39698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39698"
},
{
"name": "CVE-2025-39805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39805"
},
{
"name": "CVE-2025-22113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22113"
},
{
"name": "CVE-2025-38614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38614"
},
{
"name": "CVE-2025-23143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
},
{
"name": "CVE-2025-38322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38322"
},
{
"name": "CVE-2025-38694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38694"
},
{
"name": "CVE-2025-38676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38676"
},
{
"name": "CVE-2025-38729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38729"
},
{
"name": "CVE-2025-38681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38681"
},
{
"name": "CVE-2025-39795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39795"
},
{
"name": "CVE-2025-38687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38687"
},
{
"name": "CVE-2025-38272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38272"
},
{
"name": "CVE-2025-38728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38728"
},
{
"name": "CVE-2025-38715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38715"
},
{
"name": "CVE-2025-39710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39710"
},
{
"name": "CVE-2025-39683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39683"
},
{
"name": "CVE-2025-39794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39794"
},
{
"name": "CVE-2025-39697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39697"
},
{
"name": "CVE-2025-38713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38713"
},
{
"name": "CVE-2025-38556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
},
{
"name": "CVE-2025-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39810"
},
{
"name": "CVE-2025-39782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39782"
},
{
"name": "CVE-2025-38697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38697"
},
{
"name": "CVE-2025-38691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38691"
},
{
"name": "CVE-2025-39759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39759"
},
{
"name": "CVE-2025-39860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39860"
},
{
"name": "CVE-2025-39721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
},
{
"name": "CVE-2025-39760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
},
{
"name": "CVE-2025-39673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39673"
},
{
"name": "CVE-2025-39839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39839"
},
{
"name": "CVE-2025-38723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38723"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-39848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39848"
},
{
"name": "CVE-2025-39800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39800"
},
{
"name": "CVE-2025-39703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39703"
},
{
"name": "CVE-2025-39825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39825"
},
{
"name": "CVE-2025-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38552"
},
{
"name": "CVE-2025-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39852"
},
{
"name": "CVE-2025-39766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39766"
},
{
"name": "CVE-2025-39801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39801"
},
{
"name": "CVE-2025-39724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39724"
},
{
"name": "CVE-2025-39687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39687"
},
{
"name": "CVE-2025-39694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39694"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2025-39806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39806"
},
{
"name": "CVE-2025-39851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39851"
},
{
"name": "CVE-2025-38721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38721"
},
{
"name": "CVE-2025-39684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39684"
},
{
"name": "CVE-2025-39807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39807"
},
{
"name": "CVE-2025-38725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38725"
},
{
"name": "CVE-2025-38347",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38347"
},
{
"name": "CVE-2025-39776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39776"
},
{
"name": "CVE-2025-37968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37968"
},
{
"name": "CVE-2025-38683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38683"
},
{
"name": "CVE-2025-39736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39736"
},
{
"name": "CVE-2025-39846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39846"
},
{
"name": "CVE-2025-39691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39691"
},
{
"name": "CVE-2025-39850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39850"
},
{
"name": "CVE-2025-39844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39844"
},
{
"name": "CVE-2025-39742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39742"
},
{
"name": "CVE-2025-39863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39863"
},
{
"name": "CVE-2025-38701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38701"
},
{
"name": "CVE-2024-58240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58240"
},
{
"name": "CVE-2025-39767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39767"
},
{
"name": "CVE-2025-39817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39817"
},
{
"name": "CVE-2024-47704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47704"
},
{
"name": "CVE-2025-39790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39790"
},
{
"name": "CVE-2025-38680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38680"
},
{
"name": "CVE-2025-38684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
},
{
"name": "CVE-2025-39686",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39686"
},
{
"name": "CVE-2025-39798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39798"
},
{
"name": "CVE-2025-38730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38730"
},
{
"name": "CVE-2025-22124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22124"
},
{
"name": "CVE-2025-39714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39714"
},
{
"name": "CVE-2025-39854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39854"
},
{
"name": "CVE-2025-39706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39706"
},
{
"name": "CVE-2025-38306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38306"
},
{
"name": "CVE-2025-39719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39719"
},
{
"name": "CVE-2025-39695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39695"
},
{
"name": "CVE-2025-39738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39738"
},
{
"name": "CVE-2025-39705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39705"
},
{
"name": "CVE-2025-38737",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38737"
},
{
"name": "CVE-2025-39713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39713"
},
{
"name": "CVE-2025-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23133"
},
{
"name": "CVE-2025-39756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39756"
},
{
"name": "CVE-2025-38736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38736"
},
{
"name": "CVE-2025-39831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39831"
},
{
"name": "CVE-2025-39693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39693"
},
{
"name": "CVE-2025-39682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39682"
},
{
"name": "CVE-2025-39676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39676"
},
{
"name": "CVE-2025-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39832"
},
{
"name": "CVE-2025-39813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39813"
},
{
"name": "CVE-2025-39847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39847"
},
{
"name": "CVE-2025-39819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39819"
},
{
"name": "CVE-2025-39783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39783"
},
{
"name": "CVE-2025-39715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39715"
},
{
"name": "CVE-2025-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39835"
},
{
"name": "CVE-2025-38700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38700"
},
{
"name": "CVE-2025-39841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39841"
},
{
"name": "CVE-2025-39712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39712"
},
{
"name": "CVE-2025-39707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39707"
},
{
"name": "CVE-2025-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39829"
},
{
"name": "CVE-2025-39781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39781"
},
{
"name": "CVE-2025-39780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39780"
},
{
"name": "CVE-2025-39711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39711"
},
{
"name": "CVE-2025-38714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38714"
},
{
"name": "CVE-2025-39836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39836"
},
{
"name": "CVE-2025-38733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38733"
},
{
"name": "CVE-2025-39752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39752"
}
],
"initial_release_date": "2025-09-26T00:00:00",
"last_revision_date": "2025-09-26T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0825",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2025-09-22",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-6009-1",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00173.html"
},
{
"published_at": "2025-09-22",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-6008-1",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00172.html"
}
]
}
wid-sec-w-2025-2077
Vulnerability from csaf_certbund
Published
2025-09-16 22:00
Modified
2025-10-30 23:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht näher beschriebene Auswirkungen zu erzielen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2077 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2077.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2077 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2077"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50339",
"url": "https://lore.kernel.org/linux-cve-announce/2025091636-CVE-2022-50339-bc17@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50340",
"url": "https://lore.kernel.org/linux-cve-announce/2025091638-CVE-2022-50340-693e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50341",
"url": "https://lore.kernel.org/linux-cve-announce/2025091638-CVE-2022-50341-12c1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50342",
"url": "https://lore.kernel.org/linux-cve-announce/2025091639-CVE-2022-50342-d7ef@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50343",
"url": "https://lore.kernel.org/linux-cve-announce/2025091639-CVE-2022-50343-75e3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50344",
"url": "https://lore.kernel.org/linux-cve-announce/2025091639-CVE-2022-50344-8893@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50345",
"url": "https://lore.kernel.org/linux-cve-announce/2025091639-CVE-2022-50345-a1ff@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50346",
"url": "https://lore.kernel.org/linux-cve-announce/2025091639-CVE-2022-50346-49b1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50347",
"url": "https://lore.kernel.org/linux-cve-announce/2025091640-CVE-2022-50347-33c3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50348",
"url": "https://lore.kernel.org/linux-cve-announce/2025091640-CVE-2022-50348-534c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50349",
"url": "https://lore.kernel.org/linux-cve-announce/2025091640-CVE-2022-50349-cc37@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50350",
"url": "https://lore.kernel.org/linux-cve-announce/2025091640-CVE-2022-50350-31bb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50351",
"url": "https://lore.kernel.org/linux-cve-announce/2025091640-CVE-2022-50351-ac59@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50352",
"url": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2022-50352-8531@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53304",
"url": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53304-9a57@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53305",
"url": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53305-b8fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53306",
"url": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53306-b665@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53307",
"url": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53307-129b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53308",
"url": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53308-51a1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53309",
"url": "https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53309-005a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53310",
"url": "https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53310-8d40@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53311",
"url": "https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53311-bff3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53312",
"url": "https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53312-a16b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53313",
"url": "https://lore.kernel.org/linux-cve-announce/2025091642-CVE-2023-53313-0f1c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53314",
"url": "https://lore.kernel.org/linux-cve-announce/2025091643-CVE-2023-53314-b727@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53315",
"url": "https://lore.kernel.org/linux-cve-announce/2025091643-CVE-2023-53315-2711@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53316",
"url": "https://lore.kernel.org/linux-cve-announce/2025091643-CVE-2023-53316-fb3d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53317",
"url": "https://lore.kernel.org/linux-cve-announce/2025091643-CVE-2023-53317-c945@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53318",
"url": "https://lore.kernel.org/linux-cve-announce/2025091643-CVE-2023-53318-633b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53319",
"url": "https://lore.kernel.org/linux-cve-announce/2025091643-CVE-2023-53319-4fd2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53320",
"url": "https://lore.kernel.org/linux-cve-announce/2025091644-CVE-2023-53320-d419@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53321",
"url": "https://lore.kernel.org/linux-cve-announce/2025091644-CVE-2023-53321-0003@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53322",
"url": "https://lore.kernel.org/linux-cve-announce/2025091644-CVE-2023-53322-45ba@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53323",
"url": "https://lore.kernel.org/linux-cve-announce/2025091644-CVE-2023-53323-6a1b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53324",
"url": "https://lore.kernel.org/linux-cve-announce/2025091644-CVE-2023-53324-631a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53325",
"url": "https://lore.kernel.org/linux-cve-announce/2025091644-CVE-2023-53325-a6b9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53326",
"url": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53326-7ff5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53327",
"url": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53327-55c1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53328",
"url": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53328-07a7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53329",
"url": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53329-d1d9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53330",
"url": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53330-8d89@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53331",
"url": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53331-50a3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53332",
"url": "https://lore.kernel.org/linux-cve-announce/2025091646-CVE-2023-53332-9a4d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53333",
"url": "https://lore.kernel.org/linux-cve-announce/2025091646-CVE-2023-53333-f2b8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53334",
"url": "https://lore.kernel.org/linux-cve-announce/2025091646-CVE-2023-53334-bd19@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39805",
"url": "https://lore.kernel.org/linux-cve-announce/2025091610-CVE-2025-39805-2871@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39806",
"url": "https://lore.kernel.org/linux-cve-announce/2025091613-CVE-2025-39806-f74d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39807",
"url": "https://lore.kernel.org/linux-cve-announce/2025091613-CVE-2025-39807-4c3b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39808",
"url": "https://lore.kernel.org/linux-cve-announce/2025091613-CVE-2025-39808-a964@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39809",
"url": "https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39809-396d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39810",
"url": "https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39810-ed5c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39811",
"url": "https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39811-535b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39812",
"url": "https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39812-8a89@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39813",
"url": "https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39813-295c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39814",
"url": "https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39814-1765@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39815",
"url": "https://lore.kernel.org/linux-cve-announce/2025091615-CVE-2025-39815-a663@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39816",
"url": "https://lore.kernel.org/linux-cve-announce/2025091615-CVE-2025-39816-f21d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39817",
"url": "https://lore.kernel.org/linux-cve-announce/2025091615-CVE-2025-39817-90b7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39818",
"url": "https://lore.kernel.org/linux-cve-announce/2025091615-CVE-2025-39818-f1b9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39819",
"url": "https://lore.kernel.org/linux-cve-announce/2025091615-CVE-2025-39819-d3c9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39820",
"url": "https://lore.kernel.org/linux-cve-announce/2025091615-CVE-2025-39820-50d7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39821",
"url": "https://lore.kernel.org/linux-cve-announce/2025091616-CVE-2025-39821-3812@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39822",
"url": "https://lore.kernel.org/linux-cve-announce/2025091616-CVE-2025-39822-454e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39823",
"url": "https://lore.kernel.org/linux-cve-announce/2025091616-CVE-2025-39823-f9bf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39824",
"url": "https://lore.kernel.org/linux-cve-announce/2025091616-CVE-2025-39824-6491@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39825",
"url": "https://lore.kernel.org/linux-cve-announce/2025091616-CVE-2025-39825-8a7a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39826",
"url": "https://lore.kernel.org/linux-cve-announce/2025091616-CVE-2025-39826-e096@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39827",
"url": "https://lore.kernel.org/linux-cve-announce/2025091617-CVE-2025-39827-0c7c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39828",
"url": "https://lore.kernel.org/linux-cve-announce/2025091617-CVE-2025-39828-c69f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39829",
"url": "https://lore.kernel.org/linux-cve-announce/2025091617-CVE-2025-39829-2ef1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39830",
"url": "https://lore.kernel.org/linux-cve-announce/2025091657-CVE-2025-39830-5341@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39831",
"url": "https://lore.kernel.org/linux-cve-announce/2025091657-CVE-2025-39831-1112@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39832",
"url": "https://lore.kernel.org/linux-cve-announce/2025091657-CVE-2025-39832-6bbc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39833",
"url": "https://lore.kernel.org/linux-cve-announce/2025091657-CVE-2025-39833-c2ef@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39834",
"url": "https://lore.kernel.org/linux-cve-announce/2025091657-CVE-2025-39834-4d8f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39835",
"url": "https://lore.kernel.org/linux-cve-announce/2025091658-CVE-2025-39835-6f82@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39836",
"url": "https://lore.kernel.org/linux-cve-announce/2025091658-CVE-2025-39836-49ce@gregkh/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6008 vom 2025-09-23",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00172.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6009 vom 2025-09-23",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00173.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-090 vom 2025-09-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-090.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-106 vom 2025-09-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-106.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4327 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4328 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03613-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022915.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03614-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022911.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03600-1 vom 2025-10-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VHWHH7ZSMFJ6PQZ3CBDGGCWHNBCWD26Z/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03615-1 vom 2025-10-16",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BVPLWRQN6MVKFQDJSEKN2JP6PMSGIO4Q/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03601-1 vom 2025-10-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022903.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17797 vom 2025-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2025-17797.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03626-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Z3DYHRRLY43MYRNEEU5SFR4ZRMSPITED/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:17812 vom 2025-10-18",
"url": "https://errata.build.resf.org/RLSA-2025:17812"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:17797 vom 2025-10-18",
"url": "https://errata.build.resf.org/RLSA-2025:17797"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03634-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022925.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03633-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022926.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03628-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O6BEPQBC4GULLYP5G3VVU4ZS37B7I6EV/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18281 vom 2025-10-20",
"url": "https://access.redhat.com/errata/RHSA-2025:18281"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18318 vom 2025-10-20",
"url": "https://access.redhat.com/errata/RHSA-2025:18318"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18281 vom 2025-10-20",
"url": "https://linux.oracle.com/errata/ELSA-2025-18281.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-18318 vom 2025-10-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-18318.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:18932 vom 2025-10-22",
"url": "https://access.redhat.com/errata/RHSA-2025:18932"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3716-1 vom 2025-10-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022962.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3761-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MLTPAKCOQABZPEY7O35CI42PHK5WNIUQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3751-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMB6RXALFYMRMM4UK7R54RAQRCZJEBH4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20861-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023019.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20851-1 vom 2025-10-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023025.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:18318 vom 2025-10-26",
"url": "https://errata.build.resf.org/RLSA-2025:18318"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19103 vom 2025-10-27",
"url": "https://access.redhat.com/errata/RHSA-2025:19103"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19102 vom 2025-10-27",
"url": "https://access.redhat.com/errata/RHSA-2025:19102"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19102 vom 2025-10-28",
"url": "https://linux.oracle.com/errata/ELSA-2025-19102.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19105 vom 2025-10-27",
"url": "https://access.redhat.com/errata/RHSA-2025:19105"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20870-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023060.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19105 vom 2025-10-28",
"url": "https://linux.oracle.com/errata/ELSA-2025-19105.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19222 vom 2025-10-29",
"url": "https://access.redhat.com/errata/RHSA-2025:19222"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20898-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023116.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-30T23:00:00.000+00:00",
"generator": {
"date": "2025-10-31T09:29:22.365+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2077",
"initial_release_date": "2025-09-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-09-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-10-16T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-19T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Rocky Enterprise Software Foundation, SUSE und Red Hat aufgenommen"
},
{
"date": "2025-10-20T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE, Rocky Enterprise Software Foundation und Red Hat aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux, Red Hat und SUSE aufgenommen"
},
{
"date": "2025-10-28T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "14"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T028463",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:unspecified"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-50339",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50339"
},
{
"cve": "CVE-2022-50340",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50340"
},
{
"cve": "CVE-2022-50341",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50341"
},
{
"cve": "CVE-2022-50342",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50342"
},
{
"cve": "CVE-2022-50343",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50343"
},
{
"cve": "CVE-2022-50344",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50344"
},
{
"cve": "CVE-2022-50345",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50345"
},
{
"cve": "CVE-2022-50346",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50346"
},
{
"cve": "CVE-2022-50347",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50347"
},
{
"cve": "CVE-2022-50348",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50348"
},
{
"cve": "CVE-2022-50349",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50349"
},
{
"cve": "CVE-2022-50350",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50350"
},
{
"cve": "CVE-2022-50351",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50351"
},
{
"cve": "CVE-2022-50352",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2022-50352"
},
{
"cve": "CVE-2023-53304",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53304"
},
{
"cve": "CVE-2023-53305",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53305"
},
{
"cve": "CVE-2023-53306",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53306"
},
{
"cve": "CVE-2023-53307",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53307"
},
{
"cve": "CVE-2023-53308",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53308"
},
{
"cve": "CVE-2023-53309",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53309"
},
{
"cve": "CVE-2023-53310",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53310"
},
{
"cve": "CVE-2023-53311",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53311"
},
{
"cve": "CVE-2023-53312",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53312"
},
{
"cve": "CVE-2023-53313",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53313"
},
{
"cve": "CVE-2023-53314",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53314"
},
{
"cve": "CVE-2023-53315",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53315"
},
{
"cve": "CVE-2023-53316",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53316"
},
{
"cve": "CVE-2023-53317",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53317"
},
{
"cve": "CVE-2023-53318",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53318"
},
{
"cve": "CVE-2023-53319",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53319"
},
{
"cve": "CVE-2023-53320",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53320"
},
{
"cve": "CVE-2023-53321",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53321"
},
{
"cve": "CVE-2023-53322",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53322"
},
{
"cve": "CVE-2023-53323",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53323"
},
{
"cve": "CVE-2023-53324",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53324"
},
{
"cve": "CVE-2023-53325",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53325"
},
{
"cve": "CVE-2023-53326",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53326"
},
{
"cve": "CVE-2023-53327",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53327"
},
{
"cve": "CVE-2023-53328",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53328"
},
{
"cve": "CVE-2023-53329",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53329"
},
{
"cve": "CVE-2023-53330",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53330"
},
{
"cve": "CVE-2023-53331",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53331"
},
{
"cve": "CVE-2023-53332",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53332"
},
{
"cve": "CVE-2023-53333",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53333"
},
{
"cve": "CVE-2023-53334",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2023-53334"
},
{
"cve": "CVE-2025-39805",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39805"
},
{
"cve": "CVE-2025-39806",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39806"
},
{
"cve": "CVE-2025-39807",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39807"
},
{
"cve": "CVE-2025-39808",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39808"
},
{
"cve": "CVE-2025-39809",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39809"
},
{
"cve": "CVE-2025-39810",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39810"
},
{
"cve": "CVE-2025-39811",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39811"
},
{
"cve": "CVE-2025-39812",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39812"
},
{
"cve": "CVE-2025-39813",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39813"
},
{
"cve": "CVE-2025-39814",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39814"
},
{
"cve": "CVE-2025-39815",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39815"
},
{
"cve": "CVE-2025-39816",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39816"
},
{
"cve": "CVE-2025-39817",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39817"
},
{
"cve": "CVE-2025-39818",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39818"
},
{
"cve": "CVE-2025-39819",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39819"
},
{
"cve": "CVE-2025-39820",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39820"
},
{
"cve": "CVE-2025-39821",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39821"
},
{
"cve": "CVE-2025-39822",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39822"
},
{
"cve": "CVE-2025-39823",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39823"
},
{
"cve": "CVE-2025-39824",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39824"
},
{
"cve": "CVE-2025-39825",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39825"
},
{
"cve": "CVE-2025-39826",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39826"
},
{
"cve": "CVE-2025-39827",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39827"
},
{
"cve": "CVE-2025-39828",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39828"
},
{
"cve": "CVE-2025-39829",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39829"
},
{
"cve": "CVE-2025-39830",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39830"
},
{
"cve": "CVE-2025-39831",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39831"
},
{
"cve": "CVE-2025-39832",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39832"
},
{
"cve": "CVE-2025-39833",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39833"
},
{
"cve": "CVE-2025-39834",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39834"
},
{
"cve": "CVE-2025-39835",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39835"
},
{
"cve": "CVE-2025-39836",
"product_status": {
"known_affected": [
"T028463",
"2951",
"T002207",
"67646",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2025-09-16T22:00:00.000+00:00",
"title": "CVE-2025-39836"
}
]
}
ghsa-64pc-rqj8-96w6
Vulnerability from github
Published
2025-09-16 15:32
Modified
2025-09-16 15:32
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
efi: stmm: Fix incorrect buffer allocation method
The communication buffer allocated by setup_mm_hdr() is later on passed to tee_shm_register_kernel_buf(). The latter expects those buffers to be contiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause various corruptions or BUGs, specifically since commit 9aec2fb0fd5e ("slab: allocate frozen pages"), though it was broken before as well.
Fix this by using alloc_pages_exact() instead of kmalloc().
{
"affected": [],
"aliases": [
"CVE-2025-39836"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-16T14:15:51Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: stmm: Fix incorrect buffer allocation method\n\nThe communication buffer allocated by setup_mm_hdr() is later on passed\nto tee_shm_register_kernel_buf(). The latter expects those buffers to be\ncontiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause\nvarious corruptions or BUGs, specifically since commit 9aec2fb0fd5e\n(\"slab: allocate frozen pages\"), though it was broken before as well.\n\nFix this by using alloc_pages_exact() instead of kmalloc().",
"id": "GHSA-64pc-rqj8-96w6",
"modified": "2025-09-16T15:32:36Z",
"published": "2025-09-16T15:32:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39836"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/630c0e6064daf84f17aad1a7d9ca76b562e3fe47"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/77ff27ff0e4529a003c8a1c2492c111968c378d3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c5e81e672699e0c5557b2b755cc8f7a69aa92bff"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…