cvelistv5 - cve-2025-21652

cve-2025-21652

Vulnerability from cvelistv5

Published

2025-01-19 10:18

Modified

2025-02-10 17:21

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlan_get_iflink(). syzbot presented an use-after-free report [0] regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If the linkwatch work is triggered for the ipvlan dev, the lower dev might have already been freed, resulting in UAF of ipvlan->phy_dev in ipvlan_get_iflink(). We can delay the lower dev unregistration like vlan and macvlan by holding the lower dev's refcnt in dev->netdev_ops->ndo_init() and releasing it in dev->priv_destructor(). Jakub pointed out calling .ndo_XXX after unregister_netdevice() has returned is error prone and suggested [1] addressing this UAF in the core by taking commit 750e51603395 ("net: avoid potential UAF in default_operstate()") further. Let's assume unregistering devices DOWN and use RCU protection in default_operstate() not to race with the device unregistration. [0]: BUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 Read of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944 CPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47 Hardware name: linux,dummy-virt (DT) Workqueue: events_unbound linkwatch_event Call trace: show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C) __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x16c/0x6f0 mm/kasan/report.c:489 kasan_report+0xc0/0x120 mm/kasan/report.c:602 __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380 ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 dev_get_iflink+0x7c/0xd8 net/core/dev.c:674 default_operstate net/core/link_watch.c:45 [inline] rfc2863_policy+0x144/0x360 net/core/link_watch.c:72 linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175 __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239 linkwatch_event+0x64/0xa8 net/core/link_watch.c:282 process_one_work+0x700/0x1398 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391 kthread+0x2b0/0x360 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862 Allocated by task 9303: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x30/0x68 mm/kasan/common.c:68 kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4283 [inline] __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289 __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650 alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209 rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595 rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771 __rtnl_newlink net/core/rtnetlink.c:3896 [inline] rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011 rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901 netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542 rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline] netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347 netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg net/socket.c:726 [inline] __sys_sendto+0x2ec/0x438 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151 el ---truncated---

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/52a24538d569f48e79d1a169a5d359d384152950	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ba9f7c16ec879c83bb4f80406773a911aace8267	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/cb358ff94154774d031159b018adf45e17673941	Patch

Impacted products

Vendor

Product

Version

▼

Linux

Version: 8c55facecd7ade835287298ce325f930d888d8ec
Version: 8c55facecd7ade835287298ce325f930d888d8ec
Version: 8c55facecd7ade835287298ce325f930d888d8ec

Linux

Version: 6.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-21652",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T17:11:55.315711Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-10T17:21:05.821Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/core/link_watch.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ba9f7c16ec879c83bb4f80406773a911aace8267",
              "status": "affected",
              "version": "8c55facecd7ade835287298ce325f930d888d8ec",
              "versionType": "git"
            },
            {
              "lessThan": "52a24538d569f48e79d1a169a5d359d384152950",
              "status": "affected",
              "version": "8c55facecd7ade835287298ce325f930d888d8ec",
              "versionType": "git"
            },
            {
              "lessThan": "cb358ff94154774d031159b018adf45e17673941",
              "status": "affected",
              "version": "8c55facecd7ade835287298ce325f930d888d8ec",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/core/link_watch.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "lessThan": "6.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.72",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix use-after-free in ipvlan_get_iflink().\n\nsyzbot presented an use-after-free report [0] regarding ipvlan and\nlinkwatch.\n\nipvlan does not hold a refcnt of the lower device unlike vlan and\nmacvlan.\n\nIf the linkwatch work is triggered for the ipvlan dev, the lower dev\nmight have already been freed, resulting in UAF of ipvlan-\u003ephy_dev in\nipvlan_get_iflink().\n\nWe can delay the lower dev unregistration like vlan and macvlan by\nholding the lower dev\u0027s refcnt in dev-\u003enetdev_ops-\u003endo_init() and\nreleasing it in dev-\u003epriv_destructor().\n\nJakub pointed out calling .ndo_XXX after unregister_netdevice() has\nreturned is error prone and suggested [1] addressing this UAF in the\ncore by taking commit 750e51603395 (\"net: avoid potential UAF in\ndefault_operstate()\") further.\n\nLet\u0027s assume unregistering devices DOWN and use RCU protection in\ndefault_operstate() not to race with the device unregistration.\n\n[0]:\nBUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\nRead of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944\n\nCPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47\nHardware name: linux,dummy-virt (DT)\nWorkqueue: events_unbound linkwatch_event\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380\n ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\n dev_get_iflink+0x7c/0xd8 net/core/dev.c:674\n default_operstate net/core/link_watch.c:45 [inline]\n rfc2863_policy+0x144/0x360 net/core/link_watch.c:72\n linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175\n __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239\n linkwatch_event+0x64/0xa8 net/core/link_watch.c:282\n process_one_work+0x700/0x1398 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391\n kthread+0x2b0/0x360 kernel/kthread.c:389\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862\n\nAllocated by task 9303:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4283 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650\n alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209\n rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771\n __rtnl_newlink net/core/rtnetlink.c:3896 [inline]\n rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg net/socket.c:726 [inline]\n __sys_sendto+0x2ec/0x438 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-20T06:30:12.787Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ba9f7c16ec879c83bb4f80406773a911aace8267"
        },
        {
          "url": "https://git.kernel.org/stable/c/52a24538d569f48e79d1a169a5d359d384152950"
        },
        {
          "url": "https://git.kernel.org/stable/c/cb358ff94154774d031159b018adf45e17673941"
        }
      ],
      "title": "ipvlan: Fix use-after-free in ipvlan_get_iflink().",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21652",
    "datePublished": "2025-01-19T10:18:09.570Z",
    "dateReserved": "2024-12-29T08:45:45.729Z",
    "dateUpdated": "2025-02-10T17:21:05.821Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21652\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-19T11:15:10.830\",\"lastModified\":\"2025-02-10T18:15:34.883\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nipvlan: Fix use-after-free in ipvlan_get_iflink().\\n\\nsyzbot presented an use-after-free report [0] regarding ipvlan and\\nlinkwatch.\\n\\nipvlan does not hold a refcnt of the lower device unlike vlan and\\nmacvlan.\\n\\nIf the linkwatch work is triggered for the ipvlan dev, the lower dev\\nmight have already been freed, resulting in UAF of ipvlan-\u003ephy_dev in\\nipvlan_get_iflink().\\n\\nWe can delay the lower dev unregistration like vlan and macvlan by\\nholding the lower dev\u0027s refcnt in dev-\u003enetdev_ops-\u003endo_init() and\\nreleasing it in dev-\u003epriv_destructor().\\n\\nJakub pointed out calling .ndo_XXX after unregister_netdevice() has\\nreturned is error prone and suggested [1] addressing this UAF in the\\ncore by taking commit 750e51603395 (\\\"net: avoid potential UAF in\\ndefault_operstate()\\\") further.\\n\\nLet\u0027s assume unregistering devices DOWN and use RCU protection in\\ndefault_operstate() not to race with the device unregistration.\\n\\n[0]:\\nBUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\\nRead of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944\\n\\nCPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47\\nHardware name: linux,dummy-virt (DT)\\nWorkqueue: events_unbound linkwatch_event\\nCall trace:\\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C)\\n __dump_stack lib/dump_stack.c:94 [inline]\\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\\n print_address_description mm/kasan/report.c:378 [inline]\\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\\n __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380\\n ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\\n dev_get_iflink+0x7c/0xd8 net/core/dev.c:674\\n default_operstate net/core/link_watch.c:45 [inline]\\n rfc2863_policy+0x144/0x360 net/core/link_watch.c:72\\n linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175\\n __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239\\n linkwatch_event+0x64/0xa8 net/core/link_watch.c:282\\n process_one_work+0x700/0x1398 kernel/workqueue.c:3229\\n process_scheduled_works kernel/workqueue.c:3310 [inline]\\n worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391\\n kthread+0x2b0/0x360 kernel/kthread.c:389\\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862\\n\\nAllocated by task 9303:\\n kasan_save_stack mm/kasan/common.c:47 [inline]\\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\\n kasan_kmalloc include/linux/kasan.h:260 [inline]\\n __do_kmalloc_node mm/slub.c:4283 [inline]\\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289\\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650\\n alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209\\n rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595\\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771\\n __rtnl_newlink net/core/rtnetlink.c:3896 [inline]\\n rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011\\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901\\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542\\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928\\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347\\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891\\n sock_sendmsg_nosec net/socket.c:711 [inline]\\n __sock_sendmsg net/socket.c:726 [inline]\\n __sys_sendto+0x2ec/0x438 net/socket.c:2197\\n __do_sys_sendto net/socket.c:2204 [inline]\\n __se_sys_sendto net/socket.c:2200 [inline]\\n __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200\\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\\n el\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipvlan: Se ha corregido el error use-after-free en ipvlan_get_iflink(). syzbot present\u00f3 un informe de error use-after-free [0] sobre ipvlan y linkwatch. ipvlan no contiene un refcnt del dispositivo inferior a diferencia de vlan y macvlan. Si se activa el trabajo de linkwatch para el dispositivo ipvlan dev, es posible que el dispositivo inferior ya se haya liberado, lo que da como resultado un UAF de ipvlan-\u0026gt;phy_dev en ipvlan_get_iflink(). Podemos retrasar la anulaci\u00f3n del registro del dispositivo inferior como vlan y macvlan al retener el refcnt del dispositivo inferior en dev-\u0026gt;netdev_ops-\u0026gt;ndo_init() y liberarlo en dev-\u0026gt;priv_destructor(). Jakub se\u00f1al\u00f3 que llamar a .ndo_XXX despu\u00e9s de que unregister_netdevice() haya regresado es propenso a errores y sugiri\u00f3 [1] abordar este UAF en el n\u00facleo llevando m\u00e1s all\u00e1 el commit 750e51603395 (\\\"net: evitar un UAF potencial en default_operstate()\\\"). Supongamos que se cancela el registro de dispositivos y usemos la protecci\u00f3n RCU en default_operstate() para no competir con la cancelaci\u00f3n del registro del dispositivo. [0]: ERROR: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 Read of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944 CPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47 Hardware name: linux,dummy-virt (DT) Workqueue: events_unbound linkwatch_event Call trace: show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C) __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x16c/0x6f0 mm/kasan/report.c:489 kasan_report+0xc0/0x120 mm/kasan/report.c:602 __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380 ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 dev_get_iflink+0x7c/0xd8 net/core/dev.c:674 default_operstate net/core/link_watch.c:45 [inline] rfc2863_policy+0x144/0x360 net/core/link_watch.c:72 linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175 __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239 linkwatch_event+0x64/0xa8 net/core/link_watch.c:282 process_one_work+0x700/0x1398 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391 kthread+0x2b0/0x360 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862 Allocated by task 9303: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x30/0x68 mm/kasan/common.c:68 kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4283 [inline] __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289 __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650 alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209 rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595 rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771 __rtnl_newlink net/core/rtnetlink.c:3896 [inline] rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011 rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901 netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542 rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline] netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347 netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg net/socket.c:726 [inline] __sys_sendto+0x2ec/0x438 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x54/0x---truncado---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.72\",\"matchCriteriaId\":\"33E12097-C88A-45B4-9677-2A961A08DD3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.10\",\"matchCriteriaId\":\"02D604F6-10D1-4F7B-A022-0888406A1121\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A073481-106D-4B15-B4C7-FB0213B8E1D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE491969-75AE-4A6B-9A58-8FC5AF98798F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C0660D-7FB8-4FBA-892A-B064BA71E49E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"034C36A6-C481-41F3-AE9A-D116E5BE6895\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/52a24538d569f48e79d1a169a5d359d384152950\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ba9f7c16ec879c83bb4f80406773a911aace8267\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cb358ff94154774d031159b018adf45e17673941\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-21652\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T17:11:55.315711Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T17:11:56.683Z\"}}], \"cna\": {\"title\": \"ipvlan: Fix use-after-free in ipvlan_get_iflink().\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"8c55facecd7ade835287298ce325f930d888d8ec\", \"lessThan\": \"ba9f7c16ec879c83bb4f80406773a911aace8267\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"8c55facecd7ade835287298ce325f930d888d8ec\", \"lessThan\": \"52a24538d569f48e79d1a169a5d359d384152950\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"8c55facecd7ade835287298ce325f930d888d8ec\", \"lessThan\": \"cb358ff94154774d031159b018adf45e17673941\", \"versionType\": \"git\"}], \"programFiles\": [\"net/core/link_watch.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.2\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.72\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/core/link_watch.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/ba9f7c16ec879c83bb4f80406773a911aace8267\"}, {\"url\": \"https://git.kernel.org/stable/c/52a24538d569f48e79d1a169a5d359d384152950\"}, {\"url\": \"https://git.kernel.org/stable/c/cb358ff94154774d031159b018adf45e17673941\"}], \"x_generator\": {\"engine\": \"bippy-5f407fcff5a0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nipvlan: Fix use-after-free in ipvlan_get_iflink().\\n\\nsyzbot presented an use-after-free report [0] regarding ipvlan and\\nlinkwatch.\\n\\nipvlan does not hold a refcnt of the lower device unlike vlan and\\nmacvlan.\\n\\nIf the linkwatch work is triggered for the ipvlan dev, the lower dev\\nmight have already been freed, resulting in UAF of ipvlan-\u003ephy_dev in\\nipvlan_get_iflink().\\n\\nWe can delay the lower dev unregistration like vlan and macvlan by\\nholding the lower dev\u0027s refcnt in dev-\u003enetdev_ops-\u003endo_init() and\\nreleasing it in dev-\u003epriv_destructor().\\n\\nJakub pointed out calling .ndo_XXX after unregister_netdevice() has\\nreturned is error prone and suggested [1] addressing this UAF in the\\ncore by taking commit 750e51603395 (\\\"net: avoid potential UAF in\\ndefault_operstate()\\\") further.\\n\\nLet\u0027s assume unregistering devices DOWN and use RCU protection in\\ndefault_operstate() not to race with the device unregistration.\\n\\n[0]:\\nBUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\\nRead of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944\\n\\nCPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47\\nHardware name: linux,dummy-virt (DT)\\nWorkqueue: events_unbound linkwatch_event\\nCall trace:\\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C)\\n __dump_stack lib/dump_stack.c:94 [inline]\\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\\n print_address_description mm/kasan/report.c:378 [inline]\\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\\n __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380\\n ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\\n dev_get_iflink+0x7c/0xd8 net/core/dev.c:674\\n default_operstate net/core/link_watch.c:45 [inline]\\n rfc2863_policy+0x144/0x360 net/core/link_watch.c:72\\n linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175\\n __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239\\n linkwatch_event+0x64/0xa8 net/core/link_watch.c:282\\n process_one_work+0x700/0x1398 kernel/workqueue.c:3229\\n process_scheduled_works kernel/workqueue.c:3310 [inline]\\n worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391\\n kthread+0x2b0/0x360 kernel/kthread.c:389\\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862\\n\\nAllocated by task 9303:\\n kasan_save_stack mm/kasan/common.c:47 [inline]\\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\\n kasan_kmalloc include/linux/kasan.h:260 [inline]\\n __do_kmalloc_node mm/slub.c:4283 [inline]\\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289\\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650\\n alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209\\n rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595\\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771\\n __rtnl_newlink net/core/rtnetlink.c:3896 [inline]\\n rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011\\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901\\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542\\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928\\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347\\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891\\n sock_sendmsg_nosec net/socket.c:711 [inline]\\n __sock_sendmsg net/socket.c:726 [inline]\\n __sys_sendto+0x2ec/0x438 net/socket.c:2197\\n __do_sys_sendto net/socket.c:2204 [inline]\\n __se_sys_sendto net/socket.c:2200 [inline]\\n __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200\\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\\n el\\n---truncated---\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-01-20T06:30:12.787Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-21652\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-10T17:21:05.821Z\", \"dateReserved\": \"2024-12-29T08:45:45.729Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-01-19T10:18:09.570Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2025-21652

Vulnerability from fkie_nvd

Published

2025-01-19 11:15

Modified

2025-02-10 18:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/52a24538d569f48e79d1a169a5d359d384152950	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ba9f7c16ec879c83bb4f80406773a911aace8267	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/cb358ff94154774d031159b018adf45e17673941	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	6.13
linux	linux_kernel	6.13
linux	linux_kernel	6.13
linux	linux_kernel	6.13
linux	linux_kernel	6.13
linux	linux_kernel	6.13

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E12097-C88A-45B4-9677-2A961A08DD3E",
              "versionEndExcluding": "6.6.72",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02D604F6-10D1-4F7B-A022-0888406A1121",
              "versionEndExcluding": "6.12.10",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix use-after-free in ipvlan_get_iflink().\n\nsyzbot presented an use-after-free report [0] regarding ipvlan and\nlinkwatch.\n\nipvlan does not hold a refcnt of the lower device unlike vlan and\nmacvlan.\n\nIf the linkwatch work is triggered for the ipvlan dev, the lower dev\nmight have already been freed, resulting in UAF of ipvlan-\u003ephy_dev in\nipvlan_get_iflink().\n\nWe can delay the lower dev unregistration like vlan and macvlan by\nholding the lower dev\u0027s refcnt in dev-\u003enetdev_ops-\u003endo_init() and\nreleasing it in dev-\u003epriv_destructor().\n\nJakub pointed out calling .ndo_XXX after unregister_netdevice() has\nreturned is error prone and suggested [1] addressing this UAF in the\ncore by taking commit 750e51603395 (\"net: avoid potential UAF in\ndefault_operstate()\") further.\n\nLet\u0027s assume unregistering devices DOWN and use RCU protection in\ndefault_operstate() not to race with the device unregistration.\n\n[0]:\nBUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\nRead of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944\n\nCPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47\nHardware name: linux,dummy-virt (DT)\nWorkqueue: events_unbound linkwatch_event\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380\n ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\n dev_get_iflink+0x7c/0xd8 net/core/dev.c:674\n default_operstate net/core/link_watch.c:45 [inline]\n rfc2863_policy+0x144/0x360 net/core/link_watch.c:72\n linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175\n __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239\n linkwatch_event+0x64/0xa8 net/core/link_watch.c:282\n process_one_work+0x700/0x1398 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391\n kthread+0x2b0/0x360 kernel/kthread.c:389\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862\n\nAllocated by task 9303:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4283 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650\n alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209\n rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771\n __rtnl_newlink net/core/rtnetlink.c:3896 [inline]\n rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg net/socket.c:726 [inline]\n __sys_sendto+0x2ec/0x438 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el\n---truncated---"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipvlan: Se ha corregido el error use-after-free en ipvlan_get_iflink(). syzbot present\u00f3 un informe de error use-after-free [0] sobre ipvlan y linkwatch. ipvlan no contiene un refcnt del dispositivo inferior a diferencia de vlan y macvlan. Si se activa el trabajo de linkwatch para el dispositivo ipvlan dev, es posible que el dispositivo inferior ya se haya liberado, lo que da como resultado un UAF de ipvlan-\u0026gt;phy_dev en ipvlan_get_iflink(). Podemos retrasar la anulaci\u00f3n del registro del dispositivo inferior como vlan y macvlan al retener el refcnt del dispositivo inferior en dev-\u0026gt;netdev_ops-\u0026gt;ndo_init() y liberarlo en dev-\u0026gt;priv_destructor(). Jakub se\u00f1al\u00f3 que llamar a .ndo_XXX despu\u00e9s de que unregister_netdevice() haya regresado es propenso a errores y sugiri\u00f3 [1] abordar este UAF en el n\u00facleo llevando m\u00e1s all\u00e1 el commit 750e51603395 (\"net: evitar un UAF potencial en default_operstate()\"). Supongamos que se cancela el registro de dispositivos y usemos la protecci\u00f3n RCU en default_operstate() para no competir con la cancelaci\u00f3n del registro del dispositivo. [0]: ERROR: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 Read of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944 CPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47 Hardware name: linux,dummy-virt (DT) Workqueue: events_unbound linkwatch_event Call trace: show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C) __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x16c/0x6f0 mm/kasan/report.c:489 kasan_report+0xc0/0x120 mm/kasan/report.c:602 __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380 ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 dev_get_iflink+0x7c/0xd8 net/core/dev.c:674 default_operstate net/core/link_watch.c:45 [inline] rfc2863_policy+0x144/0x360 net/core/link_watch.c:72 linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175 __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239 linkwatch_event+0x64/0xa8 net/core/link_watch.c:282 process_one_work+0x700/0x1398 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391 kthread+0x2b0/0x360 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862 Allocated by task 9303: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x30/0x68 mm/kasan/common.c:68 kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4283 [inline] __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289 __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650 alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209 rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595 rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771 __rtnl_newlink net/core/rtnetlink.c:3896 [inline] rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011 rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901 netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542 rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline] netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347 netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg net/socket.c:726 [inline] __sys_sendto+0x2ec/0x438 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x54/0x---truncado---"
    }
  ],
  "id": "CVE-2025-21652",
  "lastModified": "2025-02-10T18:15:34.883",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-19T11:15:10.830",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/52a24538d569f48e79d1a169a5d359d384152950"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ba9f7c16ec879c83bb4f80406773a911aace8267"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/cb358ff94154774d031159b018adf45e17673941"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

ghsa-p277-wqpc-75vw

Vulnerability from github

Published

2025-01-19 12:31

Modified

2025-02-03 15:32

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

ipvlan: Fix use-after-free in ipvlan_get_iflink().

syzbot presented an use-after-free report [0] regarding ipvlan and linkwatch.

ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan.

If the linkwatch work is triggered for the ipvlan dev, the lower dev might have already been freed, resulting in UAF of ipvlan->phy_dev in ipvlan_get_iflink().

We can delay the lower dev unregistration like vlan and macvlan by holding the lower dev's refcnt in dev->netdev_ops->ndo_init() and releasing it in dev->priv_destructor().

Jakub pointed out calling .ndo_XXX after unregister_netdevice() has returned is error prone and suggested [1] addressing this UAF in the core by taking commit 750e51603395 ("net: avoid potential UAF in default_operstate()") further.

Let's assume unregistering devices DOWN and use RCU protection in default_operstate() not to race with the device unregistration.

[0]: BUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 Read of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944

CPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47 Hardware name: linux,dummy-virt (DT) Workqueue: events_unbound linkwatch_event Call trace: show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C) __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x16c/0x6f0 mm/kasan/report.c:489 kasan_report+0xc0/0x120 mm/kasan/report.c:602 __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380 ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353 dev_get_iflink+0x7c/0xd8 net/core/dev.c:674 default_operstate net/core/link_watch.c:45 [inline] rfc2863_policy+0x144/0x360 net/core/link_watch.c:72 linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175 __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239 linkwatch_event+0x64/0xa8 net/core/link_watch.c:282 process_one_work+0x700/0x1398 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391 kthread+0x2b0/0x360 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862

Allocated by task 9303: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x30/0x68 mm/kasan/common.c:68 kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4283 [inline] __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289 __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650 alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209 rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595 rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771 __rtnl_newlink net/core/rtnetlink.c:3896 [inline] rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011 rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901 netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542 rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline] netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347 netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg net/socket.c:726 [inline] __sys_sendto+0x2ec/0x438 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151 el ---truncated---

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-21652"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-19T11:15:10Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix use-after-free in ipvlan_get_iflink().\n\nsyzbot presented an use-after-free report [0] regarding ipvlan and\nlinkwatch.\n\nipvlan does not hold a refcnt of the lower device unlike vlan and\nmacvlan.\n\nIf the linkwatch work is triggered for the ipvlan dev, the lower dev\nmight have already been freed, resulting in UAF of ipvlan-\u003ephy_dev in\nipvlan_get_iflink().\n\nWe can delay the lower dev unregistration like vlan and macvlan by\nholding the lower dev\u0027s refcnt in dev-\u003enetdev_ops-\u003endo_init() and\nreleasing it in dev-\u003epriv_destructor().\n\nJakub pointed out calling .ndo_XXX after unregister_netdevice() has\nreturned is error prone and suggested [1] addressing this UAF in the\ncore by taking commit 750e51603395 (\"net: avoid potential UAF in\ndefault_operstate()\") further.\n\nLet\u0027s assume unregistering devices DOWN and use RCU protection in\ndefault_operstate() not to race with the device unregistration.\n\n[0]:\nBUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\nRead of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944\n\nCPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47\nHardware name: linux,dummy-virt (DT)\nWorkqueue: events_unbound linkwatch_event\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380\n ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353\n dev_get_iflink+0x7c/0xd8 net/core/dev.c:674\n default_operstate net/core/link_watch.c:45 [inline]\n rfc2863_policy+0x144/0x360 net/core/link_watch.c:72\n linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175\n __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239\n linkwatch_event+0x64/0xa8 net/core/link_watch.c:282\n process_one_work+0x700/0x1398 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391\n kthread+0x2b0/0x360 kernel/kthread.c:389\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862\n\nAllocated by task 9303:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4283 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650\n alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209\n rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771\n __rtnl_newlink net/core/rtnetlink.c:3896 [inline]\n rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg net/socket.c:726 [inline]\n __sys_sendto+0x2ec/0x438 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __arm64_sys_sendto+0xe4/0x110 net/socket.c:2200\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el\n---truncated---",
  "id": "GHSA-p277-wqpc-75vw",
  "modified": "2025-02-03T15:32:01Z",
  "published": "2025-01-19T12:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21652"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/52a24538d569f48e79d1a169a5d359d384152950"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ba9f7c16ec879c83bb4f80406773a911aace8267"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cb358ff94154774d031159b018adf45e17673941"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

wid-sec-w-2025-0119

Vulnerability from csaf_certbund

Published

2025-01-19 23:00

Modified

2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder andere nicht spezifizierte Auswirkungen zu verursachen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder andere nicht spezifizierte Auswirkungen zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0119 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0119.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0119 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0119"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57904",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011934-CVE-2024-57904-dac5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57905",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011937-CVE-2024-57905-7d0d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57906",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011937-CVE-2024-57906-6e61@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57907",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011937-CVE-2024-57907-e5dd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57908",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011938-CVE-2024-57908-654f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57909",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011938-CVE-2024-57909-ed6a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57910",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011938-CVE-2024-57910-e4e0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57911",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2024-57911-0e13@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57912",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2024-57912-6049@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57913",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2024-57913-d69f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57914",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011940-CVE-2024-57914-33e0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57915",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011940-CVE-2024-57915-fc93@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57916",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011940-CVE-2024-57916-4116@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57917",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011941-CVE-2024-57917-f1e1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57918",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011941-CVE-2024-57918-ad02@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57919",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011941-CVE-2024-57919-9800@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57920",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2024-57920-b514@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57921",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2024-57921-836d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57922",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2024-57922-1f81@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57923",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2024-57923-3c99@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57924",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2024-57924-954a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57925",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2024-57925-b738@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57926",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2024-57926-023f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57927",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2024-57927-fb00@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57928",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2024-57928-7291@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57929",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2024-57929-2b82@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21631",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011939-CVE-2025-21631-5f2d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21632",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2025-21632-9fde@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21633",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2025-21633-a313@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21634",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011942-CVE-2025-21634-011f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21635",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2025-21635-12e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21636",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2025-21636-0bb0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21637",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011943-CVE-2025-21637-3dde@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21638",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21638-35a8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21639",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21639-f1ca@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21640",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21640-4dd1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21641",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21641-0897@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21642",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011944-CVE-2025-21642-5728@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21643",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21643-f3f6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21644",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21644-9113@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21645",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21645-e342@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21646",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011945-CVE-2025-21646-8f6e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21647",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21647-51d8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21648",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21648-bcda@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21649",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21649-f7ac@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21650",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21650-3a74@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21651",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011946-CVE-2025-21651-fbe8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21652",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011947-CVE-2025-21652-95d7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21653",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011947-CVE-2025-21653-b6c0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21654",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011947-CVE-2025-21654-5eac@gregkh/"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T10:13:16.337+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0119",
      "initial_release_date": "2025-01-19T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T008144",
              "product_identification_helper": {
                "cpe": "cpe:/a:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-57904",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57904"
    },
    {
      "cve": "CVE-2024-57905",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57905"
    },
    {
      "cve": "CVE-2024-57906",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57906"
    },
    {
      "cve": "CVE-2024-57907",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57907"
    },
    {
      "cve": "CVE-2024-57908",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57908"
    },
    {
      "cve": "CVE-2024-57909",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57909"
    },
    {
      "cve": "CVE-2024-57910",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57910"
    },
    {
      "cve": "CVE-2024-57911",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57911"
    },
    {
      "cve": "CVE-2024-57912",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57912"
    },
    {
      "cve": "CVE-2024-57913",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57913"
    },
    {
      "cve": "CVE-2024-57914",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57914"
    },
    {
      "cve": "CVE-2024-57915",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57915"
    },
    {
      "cve": "CVE-2024-57916",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57916"
    },
    {
      "cve": "CVE-2024-57917",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57917"
    },
    {
      "cve": "CVE-2024-57918",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57918"
    },
    {
      "cve": "CVE-2024-57919",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57919"
    },
    {
      "cve": "CVE-2024-57920",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57920"
    },
    {
      "cve": "CVE-2024-57921",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57921"
    },
    {
      "cve": "CVE-2024-57922",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57922"
    },
    {
      "cve": "CVE-2024-57923",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57923"
    },
    {
      "cve": "CVE-2024-57924",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57924"
    },
    {
      "cve": "CVE-2024-57925",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57925"
    },
    {
      "cve": "CVE-2024-57926",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57926"
    },
    {
      "cve": "CVE-2024-57927",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57927"
    },
    {
      "cve": "CVE-2024-57928",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57928"
    },
    {
      "cve": "CVE-2024-57929",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2024-57929"
    },
    {
      "cve": "CVE-2025-21631",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21631"
    },
    {
      "cve": "CVE-2025-21632",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21632"
    },
    {
      "cve": "CVE-2025-21633",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21633"
    },
    {
      "cve": "CVE-2025-21634",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21634"
    },
    {
      "cve": "CVE-2025-21635",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21635"
    },
    {
      "cve": "CVE-2025-21636",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21636"
    },
    {
      "cve": "CVE-2025-21637",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21637"
    },
    {
      "cve": "CVE-2025-21638",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21638"
    },
    {
      "cve": "CVE-2025-21639",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21639"
    },
    {
      "cve": "CVE-2025-21640",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21640"
    },
    {
      "cve": "CVE-2025-21641",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21641"
    },
    {
      "cve": "CVE-2025-21642",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21642"
    },
    {
      "cve": "CVE-2025-21643",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21643"
    },
    {
      "cve": "CVE-2025-21644",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21644"
    },
    {
      "cve": "CVE-2025-21645",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21645"
    },
    {
      "cve": "CVE-2025-21646",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21646"
    },
    {
      "cve": "CVE-2025-21647",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21647"
    },
    {
      "cve": "CVE-2025-21648",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21648"
    },
    {
      "cve": "CVE-2025-21649",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21649"
    },
    {
      "cve": "CVE-2025-21650",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21650"
    },
    {
      "cve": "CVE-2025-21651",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21651"
    },
    {
      "cve": "CVE-2025-21652",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21652"
    },
    {
      "cve": "CVE-2025-21653",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21653"
    },
    {
      "cve": "CVE-2025-21654",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008144"
        ]
      },
      "release_date": "2025-01-19T23:00:00.000+00:00",
      "title": "CVE-2025-21654"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2025-21652

Vulnerability from cvelistv5

fkie_cve-2025-21652

Vulnerability from fkie_nvd

ghsa-p277-wqpc-75vw

Vulnerability from github

wid-sec-w-2025-0119

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature