Vulnerability-Lookup

SUSE-SU-2026:0526-1

Vulnerability from csaf_suse - Published: 2026-02-14 19:33 - Updated: 2026-02-14 19:33

Summary

Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)

Notes

Title of the patch

Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)

Description of the patch

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.147 fixes various security issues The following security issues were fixed: - CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250314). - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455). - CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205). - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).

Patchnames

SUSE-2026-526,SUSE-SLE-Module-Live-Patching-15-SP4-2026-526

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.147 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250314).\n- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).\n- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).\n- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-526,SUSE-SLE-Module-Live-Patching-15-SP4-2026-526",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0526-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:0526-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260526-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:0526-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024253.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1249205",
        "url": "https://bugzilla.suse.com/1249205"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1249455",
        "url": "https://bugzilla.suse.com/1249455"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1249480",
        "url": "https://bugzilla.suse.com/1249480"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1250314",
        "url": "https://bugzilla.suse.com/1250314"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-53321 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-53321/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38111 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38111/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-38352 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-38352/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-39742 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-39742/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)",
    "tracking": {
      "current_release_date": "2026-02-14T19:33:43Z",
      "generator": {
        "date": "2026-02-14T19:33:43Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:0526-1",
      "initial_release_date": "2026-02-14T19:33:43Z",
      "revision_history": [
        {
          "date": "2026-02-14T19:33:43Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP4",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-53321",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-53321"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211_hwsim: drop short frames\n\nWhile technically some control frames like ACK are shorter and\nend after Address 1, such frames shouldn\u0027t be forwarded through\nwmediumd or similar userspace, so require the full 3-address\nheader to avoid accessing invalid memory if shorter frames are\npassed in.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-53321",
          "url": "https://www.suse.com/security/cve/CVE-2023-53321"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1250313 for CVE-2023-53321",
          "url": "https://bugzilla.suse.com/1250313"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1250314 for CVE-2023-53321",
          "url": "https://bugzilla.suse.com/1250314"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-14T19:33:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-53321"
    },
    {
      "cve": "CVE-2025-38111",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38111"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mdiobus: Fix potential out-of-bounds read/write access\n\nWhen using publicly available tools like \u0027mdio-tools\u0027 to read/write data\nfrom/to network interface and its PHY via mdiobus, there is no verification of\nparameters passed to the ioctl and it accepts any mdio address.\nCurrently there is support for 32 addresses in kernel via PHY_MAX_ADDR define,\nbut it is possible to pass higher value than that via ioctl.\nWhile read/write operation should generally fail in this case,\nmdiobus provides stats array, where wrong address may allow out-of-bounds\nread/write.\n\nFix that by adding address verification before read/write operation.\nWhile this excludes this access from any statistics, it improves security of\nread/write operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38111",
          "url": "https://www.suse.com/security/cve/CVE-2025-38111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245666 for CVE-2025-38111",
          "url": "https://bugzilla.suse.com/1245666"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1249455 for CVE-2025-38111",
          "url": "https://bugzilla.suse.com/1249455"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-14T19:33:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38111"
    },
    {
      "cve": "CVE-2025-38352",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-38352"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()\n\nIf an exiting non-autoreaping task has already passed exit_notify() and\ncalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent\nor debugger right after unlock_task_sighand().\n\nIf a concurrent posix_cpu_timer_del() runs at that moment, it won\u0027t be\nable to detect timer-\u003eit.cpu.firing != 0: cpu_timer_task_rcu() and/or\nlock_task_sighand() will fail.\n\nAdd the tsk-\u003eexit_state check into run_posix_cpu_timers() to fix this.\n\nThis fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because\nexit_task_work() is called before exit_notify(). But the check still\nmakes sense, task_work_add(\u0026tsk-\u003eposix_cputimers_work.work) will fail\nanyway in this case.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-38352",
          "url": "https://www.suse.com/security/cve/CVE-2025-38352"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1246911 for CVE-2025-38352",
          "url": "https://bugzilla.suse.com/1246911"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1249205 for CVE-2025-38352",
          "url": "https://bugzilla.suse.com/1249205"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-14T19:33:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-38352"
    },
    {
      "cve": "CVE-2025-39742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-39742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-39742",
          "url": "https://www.suse.com/security/cve/CVE-2025-39742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247374 for CVE-2025-39742",
          "url": "https://bugzilla.suse.com/1247374"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1249479 for CVE-2025-39742",
          "url": "https://bugzilla.suse.com/1249479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1249480 for CVE-2025-39742",
          "url": "https://bugzilla.suse.com/1249480"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1253291 for CVE-2025-39742",
          "url": "https://bugzilla.suse.com/1253291"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_147-default-19-150400.2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-02-14T19:33:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-39742"
    }
  ]
}

CVE-2025-38352 (GCVE-0-2025-38352)

Vulnerability from cvelistv5 – Published: 2025-07-22 08:04 – Updated: 2026-01-07 15:03

Title

posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

Summary

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent or debugger right after unlock_task_sighand(). If a concurrent posix_cpu_timer_del() runs at that moment, it won't be able to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/or lock_task_sighand() will fail. Add the tsk->exit_state check into run_posix_cpu_timers() to fix this. This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because exit_task_work() is called before exit_notify(). But the check still makes sense, task_work_add(&tsk->posix_cputimers_work.work) will fail anyway in this case.

Severity ?

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/78a4b8e3795b31dae…
	https://git.kernel.org/stable/c/c076635b3a42771ac…
	https://git.kernel.org/stable/c/2f3daa04a9328220d…
	https://git.kernel.org/stable/c/764a7a5dfda23f699…
	https://git.kernel.org/stable/c/2c72fe18cc5f9f175…
	https://git.kernel.org/stable/c/c29d5318708e67ac1…
	https://git.kernel.org/stable/c/460188bc042a3f40f…
	https://git.kernel.org/stable/c/f90fff1e152dedf52…

Impacted products

Vendor

Product

Version

Linux

Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < 78a4b8e3795b31dae58762bc091bb0f4f74a2200 (git)
Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < c076635b3a42771ace7d276de8dc3bc76ee2ba1b (git)
Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < 2f3daa04a9328220de46f0d5c919a6c0073a9f0b (git)
Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < 764a7a5dfda23f69919441f2eac2a83e7db6e5bb (git)
Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < 2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff (git)
Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < c29d5318708e67ac13c1b6fc1007d179fb65b4d7 (git)
Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < 460188bc042a3f40f72d34b9f7fc6ee66b0b757b (git)
Affected: 0bdd2ed4138ec04e09b4f8165981efc99e439f55 , < f90fff1e152dedf52b932240ebbd670d83330eca (git)

Linux

Affected: 2.6.36
Unaffected: 0 , < 2.6.36 (semver)
Unaffected: 5.4.295 , ≤ 5.4.* (semver)
Unaffected: 5.10.239 , ≤ 5.10.* (semver)
Unaffected: 5.15.186 , ≤ 5.15.* (semver)
Unaffected: 6.1.142 , ≤ 6.1.* (semver)
Unaffected: 6.6.94 , ≤ 6.6.* (semver)
Unaffected: 6.12.34 , ≤ 6.12.* (semver)
Unaffected: 6.15.3 , ≤ 6.15.* (semver)
Unaffected: 6.16 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-38352",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-05T03:55:31.566379Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-09-04",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-38352"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-367",
                "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T15:03:54.648Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-38352"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/farazsth98/chronomaly"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:37:02.965Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/time/posix-cpu-timers.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "78a4b8e3795b31dae58762bc091bb0f4f74a2200",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            },
            {
              "lessThan": "c076635b3a42771ace7d276de8dc3bc76ee2ba1b",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            },
            {
              "lessThan": "2f3daa04a9328220de46f0d5c919a6c0073a9f0b",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            },
            {
              "lessThan": "764a7a5dfda23f69919441f2eac2a83e7db6e5bb",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            },
            {
              "lessThan": "2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            },
            {
              "lessThan": "c29d5318708e67ac13c1b6fc1007d179fb65b4d7",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            },
            {
              "lessThan": "460188bc042a3f40f72d34b9f7fc6ee66b0b757b",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            },
            {
              "lessThan": "f90fff1e152dedf52b932240ebbd670d83330eca",
              "status": "affected",
              "version": "0bdd2ed4138ec04e09b4f8165981efc99e439f55",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/time/posix-cpu-timers.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.36"
            },
            {
              "lessThan": "2.6.36",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.295",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.239",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.186",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.142",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.34",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.295",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.239",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.186",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.142",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.94",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.34",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.3",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "2.6.36",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()\n\nIf an exiting non-autoreaping task has already passed exit_notify() and\ncalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent\nor debugger right after unlock_task_sighand().\n\nIf a concurrent posix_cpu_timer_del() runs at that moment, it won\u0027t be\nable to detect timer-\u003eit.cpu.firing != 0: cpu_timer_task_rcu() and/or\nlock_task_sighand() will fail.\n\nAdd the tsk-\u003eexit_state check into run_posix_cpu_timers() to fix this.\n\nThis fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because\nexit_task_work() is called before exit_notify(). But the check still\nmakes sense, task_work_add(\u0026tsk-\u003eposix_cputimers_work.work) will fail\nanyway in this case."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T04:19:41.105Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/78a4b8e3795b31dae58762bc091bb0f4f74a2200"
        },
        {
          "url": "https://git.kernel.org/stable/c/c076635b3a42771ace7d276de8dc3bc76ee2ba1b"
        },
        {
          "url": "https://git.kernel.org/stable/c/2f3daa04a9328220de46f0d5c919a6c0073a9f0b"
        },
        {
          "url": "https://git.kernel.org/stable/c/764a7a5dfda23f69919441f2eac2a83e7db6e5bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff"
        },
        {
          "url": "https://git.kernel.org/stable/c/c29d5318708e67ac13c1b6fc1007d179fb65b4d7"
        },
        {
          "url": "https://git.kernel.org/stable/c/460188bc042a3f40f72d34b9f7fc6ee66b0b757b"
        },
        {
          "url": "https://git.kernel.org/stable/c/f90fff1e152dedf52b932240ebbd670d83330eca"
        }
      ],
      "title": "posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38352",
    "datePublished": "2025-07-22T08:04:25.277Z",
    "dateReserved": "2025-04-16T04:51:24.006Z",
    "dateUpdated": "2026-01-07T15:03:54.648Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-53321 (GCVE-0-2023-53321)

Vulnerability from cvelistv5 – Published: 2025-09-16 16:11 – Updated: 2026-01-14 18:32

Title

wifi: mac80211_hwsim: drop short frames

Summary

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require the full 3-address header to avoid accessing invalid memory if shorter frames are passed in.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-noinfo Not enough information

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/3beb97bed860d95b1…
	https://git.kernel.org/stable/c/672205c6f2d11978f…
	https://git.kernel.org/stable/c/c64ee9dd335832d5e…
	https://git.kernel.org/stable/c/b9a175e3b250b0dc6…
	https://git.kernel.org/stable/c/89a41ed7f21476301…
	https://git.kernel.org/stable/c/fba360a047d5eeeb9…

Impacted products

Vendor

Product

Version

Linux

Affected: 05d610af3e71a782fa28a1351b687da982d208ee , < 3beb97bed860d95b14ad23578ce8ddaea62023db (git)
Affected: 05d610af3e71a782fa28a1351b687da982d208ee , < 672205c6f2d11978fcd7f0f336bb2c708e28874b (git)
Affected: 05d610af3e71a782fa28a1351b687da982d208ee , < c64ee9dd335832d5e2ab0a8fc83a34ad4c729799 (git)
Affected: 05d610af3e71a782fa28a1351b687da982d208ee , < b9a175e3b250b0dc6e152988040aa5014e98e61e (git)
Affected: 05d610af3e71a782fa28a1351b687da982d208ee , < 89a41ed7f21476301659ebd25ccb48a60791c1a7 (git)
Affected: 05d610af3e71a782fa28a1351b687da982d208ee , < fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6 (git)

Linux

Affected: 5.4
Unaffected: 0 , < 5.4 (semver)
Unaffected: 5.4.257 , ≤ 5.4.* (semver)
Unaffected: 5.10.197 , ≤ 5.10.* (semver)
Unaffected: 5.15.133 , ≤ 5.15.* (semver)
Unaffected: 6.1.55 , ≤ 6.1.* (semver)
Unaffected: 6.5.5 , ≤ 6.5.* (semver)
Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-53321",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T18:27:28.261822Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-14T18:32:58.479Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/virtual/mac80211_hwsim.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3beb97bed860d95b14ad23578ce8ddaea62023db",
              "status": "affected",
              "version": "05d610af3e71a782fa28a1351b687da982d208ee",
              "versionType": "git"
            },
            {
              "lessThan": "672205c6f2d11978fcd7f0f336bb2c708e28874b",
              "status": "affected",
              "version": "05d610af3e71a782fa28a1351b687da982d208ee",
              "versionType": "git"
            },
            {
              "lessThan": "c64ee9dd335832d5e2ab0a8fc83a34ad4c729799",
              "status": "affected",
              "version": "05d610af3e71a782fa28a1351b687da982d208ee",
              "versionType": "git"
            },
            {
              "lessThan": "b9a175e3b250b0dc6e152988040aa5014e98e61e",
              "status": "affected",
              "version": "05d610af3e71a782fa28a1351b687da982d208ee",
              "versionType": "git"
            },
            {
              "lessThan": "89a41ed7f21476301659ebd25ccb48a60791c1a7",
              "status": "affected",
              "version": "05d610af3e71a782fa28a1351b687da982d208ee",
              "versionType": "git"
            },
            {
              "lessThan": "fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6",
              "status": "affected",
              "version": "05d610af3e71a782fa28a1351b687da982d208ee",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/virtual/mac80211_hwsim.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.197",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.133",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.55",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.257",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.197",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.133",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.55",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.5",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211_hwsim: drop short frames\n\nWhile technically some control frames like ACK are shorter and\nend after Address 1, such frames shouldn\u0027t be forwarded through\nwmediumd or similar userspace, so require the full 3-address\nheader to avoid accessing invalid memory if shorter frames are\npassed in."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T10:19:26.112Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3beb97bed860d95b14ad23578ce8ddaea62023db"
        },
        {
          "url": "https://git.kernel.org/stable/c/672205c6f2d11978fcd7f0f336bb2c708e28874b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c64ee9dd335832d5e2ab0a8fc83a34ad4c729799"
        },
        {
          "url": "https://git.kernel.org/stable/c/b9a175e3b250b0dc6e152988040aa5014e98e61e"
        },
        {
          "url": "https://git.kernel.org/stable/c/89a41ed7f21476301659ebd25ccb48a60791c1a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6"
        }
      ],
      "title": "wifi: mac80211_hwsim: drop short frames",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53321",
    "datePublished": "2025-09-16T16:11:57.206Z",
    "dateReserved": "2025-09-16T16:08:59.563Z",
    "dateUpdated": "2026-01-14T18:32:58.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-38111 (GCVE-0-2025-38111)

Vulnerability from cvelistv5 – Published: 2025-07-03 08:35 – Updated: 2025-11-03 17:34

Title

net/mdiobus: Fix potential out-of-bounds read/write access

Summary

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed to the ioctl and it accepts any mdio address. Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define, but it is possible to pass higher value than that via ioctl. While read/write operation should generally fail in this case, mdiobus provides stats array, where wrong address may allow out-of-bounds read/write. Fix that by adding address verification before read/write operation. While this excludes this access from any statistics, it improves security of read/write operation.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/19c5875e26c4ed568…
	https://git.kernel.org/stable/c/014ad9210373d2104…
	https://git.kernel.org/stable/c/73d478234a619f347…
	https://git.kernel.org/stable/c/bab6bca0834cbb5be…
	https://git.kernel.org/stable/c/b02d9d2732483e670…
	https://git.kernel.org/stable/c/049af7ac45a6b4077…
	https://git.kernel.org/stable/c/0e629694126ca3889…

Impacted products

Vendor

Product

Version

Linux

Affected: 080bb352fad00d04995102f681b134e3754bfb6e , < 19c5875e26c4ed5686d82a7d8f7051385461b9eb (git)
Affected: 080bb352fad00d04995102f681b134e3754bfb6e , < 014ad9210373d2104f6ef10e6bb999a7a0a4c50e (git)
Affected: 080bb352fad00d04995102f681b134e3754bfb6e , < 73d478234a619f3476028cb02dee699c30ae8262 (git)
Affected: 080bb352fad00d04995102f681b134e3754bfb6e , < bab6bca0834cbb5be2a7cfe59ec6ad016ec72608 (git)
Affected: 080bb352fad00d04995102f681b134e3754bfb6e , < b02d9d2732483e670bc34cb233d28e1d43b15da4 (git)
Affected: 080bb352fad00d04995102f681b134e3754bfb6e , < 049af7ac45a6b407748ee0995278fd861e36df8f (git)
Affected: 080bb352fad00d04995102f681b134e3754bfb6e , < 0e629694126ca388916f059453a1c36adde219c4 (git)

Linux

Affected: 5.6
Unaffected: 0 , < 5.6 (semver)
Unaffected: 5.10.239 , ≤ 5.10.* (semver)
Unaffected: 5.15.186 , ≤ 5.15.* (semver)
Unaffected: 6.1.142 , ≤ 6.1.* (semver)
Unaffected: 6.6.94 , ≤ 6.6.* (semver)
Unaffected: 6.12.34 , ≤ 6.12.* (semver)
Unaffected: 6.15.3 , ≤ 6.15.* (semver)
Unaffected: 6.16 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:34:13.486Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/phy/mdio_bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "19c5875e26c4ed5686d82a7d8f7051385461b9eb",
              "status": "affected",
              "version": "080bb352fad00d04995102f681b134e3754bfb6e",
              "versionType": "git"
            },
            {
              "lessThan": "014ad9210373d2104f6ef10e6bb999a7a0a4c50e",
              "status": "affected",
              "version": "080bb352fad00d04995102f681b134e3754bfb6e",
              "versionType": "git"
            },
            {
              "lessThan": "73d478234a619f3476028cb02dee699c30ae8262",
              "status": "affected",
              "version": "080bb352fad00d04995102f681b134e3754bfb6e",
              "versionType": "git"
            },
            {
              "lessThan": "bab6bca0834cbb5be2a7cfe59ec6ad016ec72608",
              "status": "affected",
              "version": "080bb352fad00d04995102f681b134e3754bfb6e",
              "versionType": "git"
            },
            {
              "lessThan": "b02d9d2732483e670bc34cb233d28e1d43b15da4",
              "status": "affected",
              "version": "080bb352fad00d04995102f681b134e3754bfb6e",
              "versionType": "git"
            },
            {
              "lessThan": "049af7ac45a6b407748ee0995278fd861e36df8f",
              "status": "affected",
              "version": "080bb352fad00d04995102f681b134e3754bfb6e",
              "versionType": "git"
            },
            {
              "lessThan": "0e629694126ca388916f059453a1c36adde219c4",
              "status": "affected",
              "version": "080bb352fad00d04995102f681b134e3754bfb6e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/phy/mdio_bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.239",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.186",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.142",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.34",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.239",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.186",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.142",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.94",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.34",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.3",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mdiobus: Fix potential out-of-bounds read/write access\n\nWhen using publicly available tools like \u0027mdio-tools\u0027 to read/write data\nfrom/to network interface and its PHY via mdiobus, there is no verification of\nparameters passed to the ioctl and it accepts any mdio address.\nCurrently there is support for 32 addresses in kernel via PHY_MAX_ADDR define,\nbut it is possible to pass higher value than that via ioctl.\nWhile read/write operation should generally fail in this case,\nmdiobus provides stats array, where wrong address may allow out-of-bounds\nread/write.\n\nFix that by adding address verification before read/write operation.\nWhile this excludes this access from any statistics, it improves security of\nread/write operation."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T04:12:27.829Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/19c5875e26c4ed5686d82a7d8f7051385461b9eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/014ad9210373d2104f6ef10e6bb999a7a0a4c50e"
        },
        {
          "url": "https://git.kernel.org/stable/c/73d478234a619f3476028cb02dee699c30ae8262"
        },
        {
          "url": "https://git.kernel.org/stable/c/bab6bca0834cbb5be2a7cfe59ec6ad016ec72608"
        },
        {
          "url": "https://git.kernel.org/stable/c/b02d9d2732483e670bc34cb233d28e1d43b15da4"
        },
        {
          "url": "https://git.kernel.org/stable/c/049af7ac45a6b407748ee0995278fd861e36df8f"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e629694126ca388916f059453a1c36adde219c4"
        }
      ],
      "title": "net/mdiobus: Fix potential out-of-bounds read/write access",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38111",
    "datePublished": "2025-07-03T08:35:20.643Z",
    "dateReserved": "2025-04-16T04:51:23.985Z",
    "dateUpdated": "2025-11-03T17:34:13.486Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-39742 (GCVE-0-2025-39742)

Vulnerability from cvelistv5 – Published: 2025-09-11 16:52 – Updated: 2026-01-02 15:31

Title

RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()

Summary

In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() The function divides number of online CPUs by num_core_siblings, and later checks the divider by zero. This implies a possibility to get and divide-by-zero runtime error. Fix it by moving the check prior to division. This also helps to save one indentation level.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/9bba1a9994c523b44…
	https://git.kernel.org/stable/c/1a7cf828ed861de5b…
	https://git.kernel.org/stable/c/9d3211cb61a0773a2…
	https://git.kernel.org/stable/c/4b4317b0d758ff92b…
	https://git.kernel.org/stable/c/89fdac333a17ed990…
	https://git.kernel.org/stable/c/9b05e91afe948ed81…
	https://git.kernel.org/stable/c/31d0599a23efdbfe5…
	https://git.kernel.org/stable/c/ac53f377393cc8515…
	https://git.kernel.org/stable/c/59f7d2138591ef8f0…

Impacted products

Vendor

Product

Version

Linux

Affected: b094a36f90975373c3a241839869217a65f17d81 , < 9bba1a9994c523b44db64f63b564b4719ea2b7ef (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < 1a7cf828ed861de5be1aff99e10f114b363c19d3 (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < 9d3211cb61a0773a2440d0a0698c1e6e7429f907 (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < 4b4317b0d758ff92ba96f4e448a8992a6fe607bf (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < 89fdac333a17ed990b41565630ef4791782e02f5 (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < 9b05e91afe948ed819bf87d7ba0fccf451ed79a6 (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < 31d0599a23efdbfe579bfbd1eb8f8c942f13744d (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < ac53f377393cc85156afdc90b636e84e544a6f96 (git)
Affected: b094a36f90975373c3a241839869217a65f17d81 , < 59f7d2138591ef8f0e4e4ab5f1ab674e8181ad3a (git)

Linux

Affected: 4.8
Unaffected: 0 , < 4.8 (semver)
Unaffected: 5.4.297 , ≤ 5.4.* (semver)
Unaffected: 5.10.241 , ≤ 5.10.* (semver)
Unaffected: 5.15.190 , ≤ 5.15.* (semver)
Unaffected: 6.1.149 , ≤ 6.1.* (semver)
Unaffected: 6.6.103 , ≤ 6.6.* (semver)
Unaffected: 6.12.43 , ≤ 6.12.* (semver)
Unaffected: 6.15.11 , ≤ 6.15.* (semver)
Unaffected: 6.16.2 , ≤ 6.16.* (semver)
Unaffected: 6.17 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:42:57.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/hfi1/affinity.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9bba1a9994c523b44db64f63b564b4719ea2b7ef",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "1a7cf828ed861de5be1aff99e10f114b363c19d3",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "9d3211cb61a0773a2440d0a0698c1e6e7429f907",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "4b4317b0d758ff92ba96f4e448a8992a6fe607bf",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "89fdac333a17ed990b41565630ef4791782e02f5",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "9b05e91afe948ed819bf87d7ba0fccf451ed79a6",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "31d0599a23efdbfe579bfbd1eb8f8c942f13744d",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "ac53f377393cc85156afdc90b636e84e544a6f96",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            },
            {
              "lessThan": "59f7d2138591ef8f0e4e4ab5f1ab674e8181ad3a",
              "status": "affected",
              "version": "b094a36f90975373c3a241839869217a65f17d81",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/hfi1/affinity.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.8"
            },
            {
              "lessThan": "4.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.297",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.190",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.149",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.103",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.16.*",
              "status": "unaffected",
              "version": "6.16.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.297",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.241",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.190",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.149",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.103",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.43",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.11",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16.2",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-02T15:31:53.787Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9bba1a9994c523b44db64f63b564b4719ea2b7ef"
        },
        {
          "url": "https://git.kernel.org/stable/c/1a7cf828ed861de5be1aff99e10f114b363c19d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/9d3211cb61a0773a2440d0a0698c1e6e7429f907"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b4317b0d758ff92ba96f4e448a8992a6fe607bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/89fdac333a17ed990b41565630ef4791782e02f5"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b05e91afe948ed819bf87d7ba0fccf451ed79a6"
        },
        {
          "url": "https://git.kernel.org/stable/c/31d0599a23efdbfe579bfbd1eb8f8c942f13744d"
        },
        {
          "url": "https://git.kernel.org/stable/c/ac53f377393cc85156afdc90b636e84e544a6f96"
        },
        {
          "url": "https://git.kernel.org/stable/c/59f7d2138591ef8f0e4e4ab5f1ab674e8181ad3a"
        }
      ],
      "title": "RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-39742",
    "datePublished": "2025-09-11T16:52:16.339Z",
    "dateReserved": "2025-04-16T07:20:57.120Z",
    "dateUpdated": "2026-01-02T15:31:53.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2026:0526-1

CVE-2025-38352 (GCVE-0-2025-38352)

CVE-2023-53321 (GCVE-0-2023-53321)

CVE-2025-38111 (GCVE-0-2025-38111)

CVE-2025-39742 (GCVE-0-2025-39742)

Tags

Sightings

Nomenclature