Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-37893 (GCVE-0-2025-37893)
Vulnerability from cvelistv5 – Published: 2025-04-18 07:01 – Updated: 2025-10-01 16:14
VLAI?
EPSS
Title
LoongArch: BPF: Fix off-by-one error in build_prologue()
Summary
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: BPF: Fix off-by-one error in build_prologue()
Vincent reported that running BPF progs with tailcalls on LoongArch
causes kernel hard lockup. Debugging the issues shows that the JITed
image missing a jirl instruction at the end of the epilogue.
There are two passes in JIT compiling, the first pass set the flags and
the second pass generates JIT code based on those flags. With BPF progs
mixing bpf2bpf and tailcalls, build_prologue() generates N insns in the
first pass and then generates N+1 insns in the second pass. This makes
epilogue_offset off by one and we will jump to some unexpected insn and
cause lockup. Fix this by inserting a nop insn.
Severity ?
5.5 (Medium)
CWE
- CWE-193 - Off-by-one Error
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Affected:
5dc615520c4dfb358245680f1904bad61116648e , < b3ffad2f02db4aace6799fe0049508b8925eae45
(git)
Affected: 5dc615520c4dfb358245680f1904bad61116648e , < 205a2182c51ffebaef54d643e3745e720cded08b (git) Affected: 5dc615520c4dfb358245680f1904bad61116648e , < c74d95a5679741ef428974ab788f5b0758dc78ae (git) Affected: 5dc615520c4dfb358245680f1904bad61116648e , < 48b904de2408af5f936f0e03f48dfcddeab58aa0 (git) Affected: 5dc615520c4dfb358245680f1904bad61116648e , < 7e2586991e36663c9bc48c828b83eab180ad30a9 (git) |
||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-37893",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T16:14:33.067841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-193",
"description": "CWE-193 Off-by-one Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T16:14:37.219Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/loongarch/net/bpf_jit.c",
"arch/loongarch/net/bpf_jit.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b3ffad2f02db4aace6799fe0049508b8925eae45",
"status": "affected",
"version": "5dc615520c4dfb358245680f1904bad61116648e",
"versionType": "git"
},
{
"lessThan": "205a2182c51ffebaef54d643e3745e720cded08b",
"status": "affected",
"version": "5dc615520c4dfb358245680f1904bad61116648e",
"versionType": "git"
},
{
"lessThan": "c74d95a5679741ef428974ab788f5b0758dc78ae",
"status": "affected",
"version": "5dc615520c4dfb358245680f1904bad61116648e",
"versionType": "git"
},
{
"lessThan": "48b904de2408af5f936f0e03f48dfcddeab58aa0",
"status": "affected",
"version": "5dc615520c4dfb358245680f1904bad61116648e",
"versionType": "git"
},
{
"lessThan": "7e2586991e36663c9bc48c828b83eab180ad30a9",
"status": "affected",
"version": "5dc615520c4dfb358245680f1904bad61116648e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/loongarch/net/bpf_jit.c",
"arch/loongarch/net/bpf_jit.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"lessThan": "6.1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.87",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.11",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.87",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.23",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.11",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.2",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: BPF: Fix off-by-one error in build_prologue()\n\nVincent reported that running BPF progs with tailcalls on LoongArch\ncauses kernel hard lockup. Debugging the issues shows that the JITed\nimage missing a jirl instruction at the end of the epilogue.\n\nThere are two passes in JIT compiling, the first pass set the flags and\nthe second pass generates JIT code based on those flags. With BPF progs\nmixing bpf2bpf and tailcalls, build_prologue() generates N insns in the\nfirst pass and then generates N+1 insns in the second pass. This makes\nepilogue_offset off by one and we will jump to some unexpected insn and\ncause lockup. Fix this by inserting a nop insn."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-26T05:23:10.891Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45"
},
{
"url": "https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b"
},
{
"url": "https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae"
},
{
"url": "https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0"
},
{
"url": "https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9"
}
],
"title": "LoongArch: BPF: Fix off-by-one error in build_prologue()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37893",
"datePublished": "2025-04-18T07:01:28.856Z",
"dateReserved": "2025-04-16T04:51:23.964Z",
"dateUpdated": "2025-10-01T16:14:37.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-37893\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-04-18T07:15:42.983\",\"lastModified\":\"2025-10-01T17:15:45.737\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nLoongArch: BPF: Fix off-by-one error in build_prologue()\\n\\nVincent reported that running BPF progs with tailcalls on LoongArch\\ncauses kernel hard lockup. Debugging the issues shows that the JITed\\nimage missing a jirl instruction at the end of the epilogue.\\n\\nThere are two passes in JIT compiling, the first pass set the flags and\\nthe second pass generates JIT code based on those flags. With BPF progs\\nmixing bpf2bpf and tailcalls, build_prologue() generates N insns in the\\nfirst pass and then generates N+1 insns in the second pass. This makes\\nepilogue_offset off by one and we will jump to some unexpected insn and\\ncause lockup. Fix this by inserting a nop insn.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: LoongArch: BPF: Correcci\u00f3n de error de uno en build_prologue() Vincent inform\u00f3 que ejecutar programas BPF con llamadas de cola en LoongArch provoca un bloqueo duro del kernel. La depuraci\u00f3n de los problemas muestra que a la imagen JIT le falta una instrucci\u00f3n jirl al final del ep\u00edlogo. Hay dos pasos en la compilaci\u00f3n JIT, el primer paso establece los indicadores y el segundo paso genera c\u00f3digo JIT basado en esos indicadores. Con programas BPF que mezclan bpf2bpf y llamadas de cola, build_prologue() genera N insns en el primer paso y luego genera N + 1 insns en el segundo paso. Esto hace que epilogue_offset se desv\u00ede en uno y saltaremos a alg\u00fan insn inesperado y causaremos un bloqueo. Arregle esto insertando un insn nop.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-193\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-193\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\",\"versionEndExcluding\":\"6.1.134\",\"matchCriteriaId\":\"10FAA32F-8D33-4A36-8482-01961DD84A84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.87\",\"matchCriteriaId\":\"EFF24260-49B1-4251-9477-C564CFDAD25B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.23\",\"matchCriteriaId\":\"26CAB76D-F00F-43CE-BEAD-7097F8FB1D6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.11\",\"matchCriteriaId\":\"E7E864B0-8C00-4679-BA55-659B4C9C3AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.14\",\"versionEndExcluding\":\"6.14.2\",\"matchCriteriaId\":\"FADAE5D8-4808-442C-B218-77B2CE8780A0\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-37893\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T16:14:33.067841Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-193\", \"description\": \"CWE-193 Off-by-one Error\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-01T14:41:51.364Z\"}}], \"cna\": {\"title\": \"LoongArch: BPF: Fix off-by-one error in build_prologue()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5dc615520c4dfb358245680f1904bad61116648e\", \"lessThan\": \"b3ffad2f02db4aace6799fe0049508b8925eae45\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5dc615520c4dfb358245680f1904bad61116648e\", \"lessThan\": \"205a2182c51ffebaef54d643e3745e720cded08b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5dc615520c4dfb358245680f1904bad61116648e\", \"lessThan\": \"c74d95a5679741ef428974ab788f5b0758dc78ae\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5dc615520c4dfb358245680f1904bad61116648e\", \"lessThan\": \"48b904de2408af5f936f0e03f48dfcddeab58aa0\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5dc615520c4dfb358245680f1904bad61116648e\", \"lessThan\": \"7e2586991e36663c9bc48c828b83eab180ad30a9\", \"versionType\": \"git\"}], \"programFiles\": [\"arch/loongarch/net/bpf_jit.c\", \"arch/loongarch/net/bpf_jit.h\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.1\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.87\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.23\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13.11\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.13.*\"}, {\"status\": \"unaffected\", \"version\": \"6.14.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.14.*\"}, {\"status\": \"unaffected\", \"version\": \"6.15\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"arch/loongarch/net/bpf_jit.c\", \"arch/loongarch/net/bpf_jit.h\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45\"}, {\"url\": \"https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b\"}, {\"url\": \"https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae\"}, {\"url\": \"https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0\"}, {\"url\": \"https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nLoongArch: BPF: Fix off-by-one error in build_prologue()\\n\\nVincent reported that running BPF progs with tailcalls on LoongArch\\ncauses kernel hard lockup. Debugging the issues shows that the JITed\\nimage missing a jirl instruction at the end of the epilogue.\\n\\nThere are two passes in JIT compiling, the first pass set the flags and\\nthe second pass generates JIT code based on those flags. With BPF progs\\nmixing bpf2bpf and tailcalls, build_prologue() generates N insns in the\\nfirst pass and then generates N+1 insns in the second pass. This makes\\nepilogue_offset off by one and we will jump to some unexpected insn and\\ncause lockup. Fix this by inserting a nop insn.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.87\", \"versionStartIncluding\": \"6.1\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.23\", \"versionStartIncluding\": \"6.1\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.13.11\", \"versionStartIncluding\": \"6.1\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.14.2\", \"versionStartIncluding\": \"6.1\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.15\", \"versionStartIncluding\": \"6.1\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-26T05:23:10.891Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-37893\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-01T16:14:37.219Z\", \"dateReserved\": \"2025-04-16T04:51:23.964Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-04-18T07:01:28.856Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
MSRC_CVE-2025-37893
Vulnerability from csaf_microsoft - Published: 2025-04-02 00:00 - Updated: 2026-02-21 04:11Summary
LoongArch: BPF: Fix off-by-one error in build_prologue()
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
5.5 (Medium)
Vendor Fix
6.6.92.2-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37893 LoongArch: BPF: Fix off-by-one error in build_prologue() - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-37893.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "LoongArch: BPF: Fix off-by-one error in build_prologue()",
"tracking": {
"current_release_date": "2026-02-21T04:11:47.000Z",
"generator": {
"date": "2026-02-25T09:08:59.074Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-37893",
"initial_release_date": "2025-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-07-11T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-21T04:11:47.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 kernel 6.6.92.2-1",
"product": {
"name": "\u003cazl3 kernel 6.6.92.2-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 kernel 6.6.92.2-1",
"product": {
"name": "azl3 kernel 6.6.92.2-1",
"product_id": "19529"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 kernel 6.6.85.1-4",
"product": {
"name": "\u003cazl3 kernel 6.6.85.1-4",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 kernel 6.6.85.1-4",
"product": {
"name": "azl3 kernel 6.6.85.1-4",
"product_id": "19734"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kernel 6.6.92.2-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 6.6.92.2-1 as a component of Azure Linux 3.0",
"product_id": "19529-17084"
},
"product_reference": "19529",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kernel 6.6.85.1-4 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 6.6.85.1-4 as a component of Azure Linux 3.0",
"product_id": "19734-17084"
},
"product_reference": "19734",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-37893",
"notes": [
{
"category": "general",
"text": "Linux",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19529-17084",
"19734-17084"
],
"known_affected": [
"17084-2",
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37893 LoongArch: BPF: Fix off-by-one error in build_prologue() - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-37893.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-11T00:00:00.000Z",
"details": "6.6.92.2-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2",
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17084-2",
"17084-1"
]
}
],
"title": "LoongArch: BPF: Fix off-by-one error in build_prologue()"
}
]
}
GHSA-3XJW-75CJ-9FVW
Vulnerability from github – Published: 2025-04-18 15:31 – Updated: 2025-04-29 18:30
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: BPF: Fix off-by-one error in build_prologue()
Vincent reported that running BPF progs with tailcalls on LoongArch causes kernel hard lockup. Debugging the issues shows that the JITed image missing a jirl instruction at the end of the epilogue.
There are two passes in JIT compiling, the first pass set the flags and the second pass generates JIT code based on those flags. With BPF progs mixing bpf2bpf and tailcalls, build_prologue() generates N insns in the first pass and then generates N+1 insns in the second pass. This makes epilogue_offset off by one and we will jump to some unexpected insn and cause lockup. Fix this by inserting a nop insn.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-37893"
],
"database_specific": {
"cwe_ids": [
"CWE-193"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-18T07:15:42Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: BPF: Fix off-by-one error in build_prologue()\n\nVincent reported that running BPF progs with tailcalls on LoongArch\ncauses kernel hard lockup. Debugging the issues shows that the JITed\nimage missing a jirl instruction at the end of the epilogue.\n\nThere are two passes in JIT compiling, the first pass set the flags and\nthe second pass generates JIT code based on those flags. With BPF progs\nmixing bpf2bpf and tailcalls, build_prologue() generates N insns in the\nfirst pass and then generates N+1 insns in the second pass. This makes\nepilogue_offset off by one and we will jump to some unexpected insn and\ncause lockup. Fix this by inserting a nop insn.",
"id": "GHSA-3xjw-75cj-9fvw",
"modified": "2025-04-29T18:30:52Z",
"published": "2025-04-18T15:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37893"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e9ccb262b39ab01a5ac2e485b7996b8498e7b373"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
WID-SEC-W-2025-0861
Vulnerability from csaf_certbund - Published: 2025-04-21 22:00 - Updated: 2026-03-05 23:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Zustand oder nicht näher spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme: - Linux
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Zustand oder nicht n\u00e4her spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0861 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0861.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0861 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0861"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2020-36789",
"url": "https://lore.kernel.org/linux-cve-announce/2025041732-CVE-2020-36789-bb60@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2021-47668",
"url": "https://lore.kernel.org/linux-cve-announce/2025041734-CVE-2021-47668-c0de@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2021-47669",
"url": "https://lore.kernel.org/linux-cve-announce/2025041734-CVE-2021-47669-f268@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2021-47670",
"url": "https://lore.kernel.org/linux-cve-announce/2025041734-CVE-2021-47670-2b77@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2021-47671",
"url": "https://lore.kernel.org/linux-cve-announce/2025041735-CVE-2021-47671-9b1a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37785",
"url": "https://lore.kernel.org/linux-cve-announce/2025041813-CVE-2025-37785-e13d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37838",
"url": "https://lore.kernel.org/linux-cve-announce/2025041858-CVE-2025-37838-2253@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37860",
"url": "https://lore.kernel.org/linux-cve-announce/2025041816-CVE-2025-37860-9af2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37893",
"url": "https://lore.kernel.org/linux-cve-announce/2025041816-CVE-2025-37893-57b4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-37925",
"url": "https://lore.kernel.org/linux-cve-announce/2025041816-CVE-2025-37925-9765@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38049",
"url": "https://lore.kernel.org/linux-cve-announce/2025041817-CVE-2025-38049-7570@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38104",
"url": "https://lore.kernel.org/linux-cve-announce/2025041817-CVE-2025-38104-ef68@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38152",
"url": "https://lore.kernel.org/linux-cve-announce/2025041817-CVE-2025-38152-c8b3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38240",
"url": "https://lore.kernel.org/linux-cve-announce/2025041818-CVE-2025-38240-4787@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38479",
"url": "https://lore.kernel.org/linux-cve-announce/2025041818-CVE-2025-38479-4b98@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38575",
"url": "https://lore.kernel.org/linux-cve-announce/2025041818-CVE-2025-38575-2d0f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38637",
"url": "https://lore.kernel.org/linux-cve-announce/2025041819-CVE-2025-38637-8e27@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39688",
"url": "https://lore.kernel.org/linux-cve-announce/2025041819-CVE-2025-39688-80f1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39728",
"url": "https://lore.kernel.org/linux-cve-announce/2025041820-CVE-2025-39728-8713@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39735",
"url": "https://lore.kernel.org/linux-cve-announce/2025041820-CVE-2025-39735-41c8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39755",
"url": "https://lore.kernel.org/linux-cve-announce/2025041820-CVE-2025-39755-f737@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39778",
"url": "https://lore.kernel.org/linux-cve-announce/2025041821-CVE-2025-39778-70fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39930",
"url": "https://lore.kernel.org/linux-cve-announce/2025041821-CVE-2025-39930-6fed@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-39989",
"url": "https://lore.kernel.org/linux-cve-announce/2025041821-CVE-2025-39989-5804@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40014",
"url": "https://lore.kernel.org/linux-cve-announce/2025041822-CVE-2025-40014-384f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40114",
"url": "https://lore.kernel.org/linux-cve-announce/2025041822-CVE-2025-40114-000e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40325",
"url": "https://lore.kernel.org/linux-cve-announce/2025041822-CVE-2025-40325-3cc4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-40364",
"url": "https://lore.kernel.org/linux-cve-announce/2025041827-CVE-2025-40364-d93c@gregkh/"
},
{
"category": "external",
"summary": "Google Cloud Platform Security Bulletin GCP-2025-018 vom 2025-04-24",
"url": "https://cloud.google.com/support/bulletins#gcp-2025-018"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5907 vom 2025-04-27",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00069.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1574-1 vom 2025-05-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020835.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1573-1 vom 2025-05-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020836.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01600-1 vom 2025-05-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020854.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01614-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020870.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01620-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020867.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01640-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020861.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01633-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020864.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01627-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020866.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4178 vom 2025-05-26",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01707-1 vom 2025-05-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020902.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4193 vom 2025-05-30",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20344-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020964.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20343-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020965.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8374 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8374"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20354-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021016.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20355-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021015.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8643 vom 2025-06-09",
"url": "https://access.redhat.com/errata/RHSA-2025:8643"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8643 vom 2025-06-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-8643.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01919-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20372 vom 2025-06-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-20372.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01918-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021478.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01951-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021509.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01967-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01964-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021531.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01965-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021535.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01982-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021539.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20408-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021550.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20413-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021547.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01972-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021537.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01983-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021538.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7585-1 vom 2025-06-19",
"url": "https://ubuntu.com/security/notices/USN-7585-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02000-1 vom 2025-06-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021568.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7585-2 vom 2025-06-19",
"url": "https://ubuntu.com/security/notices/USN-7585-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20421-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021590.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20419-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021591.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7591-2 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7591-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7591-3 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7591-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7591-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7591-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7592-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7592-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7593-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7593-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7591-4 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7591-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7594-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7594-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7598-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7598-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7597-2 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7597-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7597-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7597-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7585-3 vom 2025-06-25",
"url": "https://ubuntu.com/security/notices/USN-7585-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7585-4 vom 2025-06-25",
"url": "https://ubuntu.com/security/notices/USN-7585-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7594-2 vom 2025-06-26",
"url": "https://ubuntu.com/security/notices/USN-7594-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7602-1 vom 2025-06-26",
"url": "https://ubuntu.com/security/notices/USN-7602-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02173-1 vom 2025-06-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021714.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7606-1 vom 2025-06-30",
"url": "https://ubuntu.com/security/notices/USN-7606-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-102 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-102.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7605-1 vom 2025-06-30",
"url": "https://ubuntu.com/security/notices/USN-7605-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7585-5 vom 2025-06-30",
"url": "https://ubuntu.com/security/notices/USN-7585-5"
},
{
"category": "external",
"summary": "SEM 2025.2.1 release notes vom 2025-07-02",
"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2025-2-1_release_notes.htm"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7585-6 vom 2025-07-03",
"url": "https://ubuntu.com/security/notices/USN-7585-6"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8374 vom 2025-07-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-8374.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7605-2 vom 2025-07-04",
"url": "https://ubuntu.com/security/notices/USN-7605-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7591-5 vom 2025-07-04",
"url": "https://ubuntu.com/security/notices/USN-7591-5"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20406 vom 2025-07-08",
"url": "https://linux.oracle.com/errata/ELSA-2025-20406.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7628-1 vom 2025-07-09",
"url": "https://ubuntu.com/security/notices/USN-7628-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7594-3 vom 2025-07-09",
"url": "https://ubuntu.com/security/notices/USN-7594-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02254-1 vom 2025-07-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021770.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02262-1 vom 2025-07-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B53IHD74IRNJDAOHBW4L7JGWNOM26XE7/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02307-1 vom 2025-07-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021804.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02321-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021811.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20470 vom 2025-07-16",
"url": "https://linux.oracle.com/errata/ELSA-2025-20470.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02333-1 vom 2025-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021830.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20471 vom 2025-07-16",
"url": "https://linux.oracle.com/errata/ELSA-2025-20471.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7640-1 vom 2025-07-16",
"url": "https://ubuntu.com/security/notices/USN-7640-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7585-7 vom 2025-07-16",
"url": "https://ubuntu.com/security/notices/USN-7585-7"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7591-6 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7591-6"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-1 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-2 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-3 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7655-1 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7655-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-4 vom 2025-07-22",
"url": "https://ubuntu.com/security/notices/USN-7654-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-5 vom 2025-07-29",
"url": "https://ubuntu.com/security/notices/USN-7654-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7686-1 vom 2025-08-05",
"url": "https://ubuntu.com/security/notices/USN-7686-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13589 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13589"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13590 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13590"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-13589 vom 2025-08-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-13589.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5975 vom 2025-08-13",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00139.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14136 vom 2025-08-20",
"url": "https://access.redhat.com/errata/RHSA-2025:14136"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02923-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022237.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7712-1 vom 2025-08-22",
"url": "https://ubuntu.com/security/notices/USN-7712-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7711-1 vom 2025-08-22",
"url": "https://ubuntu.com/security/notices/USN-7711-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14511 vom 2025-08-25",
"url": "https://access.redhat.com/errata/RHSA-2025:14511"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14692 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14692"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15035 vom 2025-09-02",
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7712-2 vom 2025-09-02",
"url": "https://ubuntu.com/security/notices/USN-7712-2"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:13590 vom 2025-09-08",
"url": "https://errata.build.resf.org/RLSA-2025:13590"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20553 vom 2025-09-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-20553.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7792-1 vom 2025-10-01",
"url": "https://ubuntu.com/security/notices/USN-7792-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7797-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7797-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7795-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7801-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7801-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7792-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7792-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7800-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7800-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7799-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7799-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7797-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7797-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-3 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7795-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7801-2 vom 2025-10-06",
"url": "https://ubuntu.com/security/notices/USN-7801-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7792-3 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7792-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7809-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7809-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7808-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7808-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-3 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7795-3"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4328 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-4 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7796-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7819-1 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7819-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7820-1 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7820-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7808-2 vom 2025-10-14",
"url": "https://ubuntu.com/security/notices/USN-7808-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7801-3 vom 2025-10-15",
"url": "https://ubuntu.com/security/notices/USN-7801-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7819-2 vom 2025-10-22",
"url": "https://ubuntu.com/security/notices/USN-7819-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7835-2 vom 2025-10-22",
"url": "https://ubuntu.com/security/notices/USN-7835-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7835-3 vom 2025-10-22",
"url": "https://ubuntu.com/security/notices/USN-7835-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7835-1 vom 2025-10-22",
"url": "https://ubuntu.com/security/notices/USN-7835-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-4 vom 2025-10-24",
"url": "https://ubuntu.com/security/notices/USN-7795-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7854-1 vom 2025-10-30",
"url": "https://ubuntu.com/security/notices/USN-7854-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7853-2 vom 2025-10-30",
"url": "https://ubuntu.com/security/notices/USN-7853-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7853-1 vom 2025-10-30",
"url": "https://ubuntu.com/security/notices/USN-7853-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7835-4 vom 2025-10-31",
"url": "https://ubuntu.com/security/notices/USN-7835-4"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-390 vom 2025-11-05",
"url": "https://www.dell.com/support/kbdoc/000385230"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7861-1 vom 2025-11-06",
"url": "https://ubuntu.com/security/notices/USN-7861-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7835-5 vom 2025-11-06",
"url": "https://ubuntu.com/security/notices/USN-7835-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-5 vom 2025-11-07",
"url": "https://ubuntu.com/security/notices/USN-7795-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7864-1 vom 2025-11-07",
"url": "https://ubuntu.com/security/notices/USN-7864-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7861-2 vom 2025-11-07",
"url": "https://ubuntu.com/security/notices/USN-7861-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7853-3 vom 2025-11-07",
"url": "https://ubuntu.com/security/notices/USN-7853-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:2173-1 vom 2025-11-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023256.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7835-6 vom 2025-11-12",
"url": "https://ubuntu.com/security/notices/USN-7835-6"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7861-3 vom 2025-11-13",
"url": "https://ubuntu.com/security/notices/USN-7861-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7875-1 vom 2025-11-19",
"url": "https://ubuntu.com/security/notices/USN-7875-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7861-4 vom 2025-11-19",
"url": "https://ubuntu.com/security/notices/USN-7861-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7874-1 vom 2025-11-19",
"url": "https://ubuntu.com/security/notices/USN-7874-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7874-2 vom 2025-11-19",
"url": "https://ubuntu.com/security/notices/USN-7874-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7887-1 vom 2025-11-24",
"url": "https://ubuntu.com/security/notices/USN-7887-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7887-2 vom 2025-11-25",
"url": "https://ubuntu.com/security/notices/USN-7887-2"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20091-1 vom 2025-11-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QVNKE6YBHUN7AVUHO7UZCJJGK4HYS62H/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21080-1 vom 2025-11-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023429.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7861-5 vom 2025-12-03",
"url": "https://ubuntu.com/security/notices/USN-7861-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-1 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7909-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-2 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7909-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-3 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7909-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7910-1 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7910-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7874-3 vom 2025-12-04",
"url": "https://ubuntu.com/security/notices/USN-7874-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-4 vom 2025-12-05",
"url": "https://ubuntu.com/security/notices/USN-7909-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21147-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023511.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21180-1 vom 2025-12-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023498.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7909-5 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7909-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7935-1 vom 2025-12-16",
"url": "https://ubuntu.com/security/notices/USN-7935-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7933-1 vom 2025-12-15",
"url": "https://ubuntu.com/security/notices/USN-7933-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7937-1 vom 2025-12-16",
"url": "https://ubuntu.com/security/notices/USN-7937-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7939-1 vom 2025-12-17",
"url": "https://ubuntu.com/security/notices/USN-7939-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7938-1 vom 2025-12-16",
"url": "https://ubuntu.com/security/notices/USN-7938-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7939-2 vom 2025-12-17",
"url": "https://ubuntu.com/security/notices/USN-7939-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7940-1 vom 2025-12-17",
"url": "https://ubuntu.com/security/notices/USN-7940-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7940-2 vom 2026-01-09",
"url": "https://ubuntu.com/security/notices/USN-7940-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50006 vom 2026-01-15",
"url": "http://linux.oracle.com/errata/ELSA-2026-50006.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0140-1 vom 2026-01-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023783.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6126 vom 2026-02-09",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00035.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6127 vom 2026-02-10",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00036.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-1 vom 2026-02-11",
"url": "https://ubuntu.com/security/notices/USN-8028-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4476 vom 2026-02-11",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00017.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8031-1 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8031-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-2 vom 2026-02-12",
"url": "https://ubuntu.com/security/notices/USN-8028-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20327-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024168.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20328-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024167.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20300-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024190.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20302-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024188.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-3 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8028-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-5 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8028-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-4 vom 2026-02-17",
"url": "https://ubuntu.com/security/notices/USN-8028-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8031-2 vom 2026-02-18",
"url": "https://ubuntu.com/security/notices/USN-8031-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8052-1 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8052-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8031-3 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8031-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-6 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8028-6"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-7 vom 2026-02-19",
"url": "https://ubuntu.com/security/notices/USN-8028-7"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50112 vom 2026-02-23",
"url": "https://linux.oracle.com/errata/ELSA-2026-50112.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8052-2 vom 2026-02-24",
"url": "https://ubuntu.com/security/notices/USN-8052-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8028-8 vom 2026-02-24",
"url": "https://ubuntu.com/security/notices/USN-8028-8"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8074-1 vom 2026-03-04",
"url": "https://ubuntu.com/security/notices/USN-8074-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8074-2 vom 2026-03-04",
"url": "https://ubuntu.com/security/notices/USN-8074-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20561-1 vom 2026-03-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024578.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-05T23:00:00.000+00:00",
"generator": {
"date": "2026-03-06T10:22:28.366+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-0861",
"initial_release_date": "2025-04-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-04-24T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Google aufgenommen"
},
{
"date": "2025-04-27T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-21T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-26T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Debian und SUSE aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Debian und SUSE aufgenommen"
},
{
"date": "2025-06-01T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-06-15T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-16T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2025-06-23T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-25T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE, Ubuntu und Amazon aufgenommen"
},
{
"date": "2025-07-01T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-07-03T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-06T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Oracle Linux, Ubuntu und SUSE aufgenommen"
},
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-14T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-21T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "34",
"summary": "Referenz(en) aufgenommen:"
},
{
"date": "2025-08-05T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-10T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-11T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-08-13T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-24T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-25T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-26T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-01T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-02T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-08T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-09-09T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-05T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-07T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-22T22:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-02T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-04T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-06T23:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-09T23:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-12T23:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-13T23:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-11-26T23:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-12-04T23:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "74",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-12-17T23:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-01-11T23:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-09T23:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von Ubuntu und Debian aufgenommen"
},
{
"date": "2026-02-15T23:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-16T23:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-17T23:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-18T23:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-19T23:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-22T23:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-24T23:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "91"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Appliance \u003c5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance \u003c5.32.00.18",
"product_id": "T048301"
}
},
{
"category": "product_version",
"name": "Appliance 5.32.00.18",
"product": {
"name": "Dell Secure Connect Gateway Appliance 5.32.00.18",
"product_id": "T048301-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:appliance__5.32.00.18"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Cloud Platform",
"product": {
"name": "Google Cloud Platform",
"product_id": "393401",
"product_identification_helper": {
"cpe": "cpe:/a:google:cloud_platform:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.4.244",
"product": {
"name": "Open Source Linux Kernel \u003c4.4.244",
"product_id": "T043041"
}
},
{
"category": "product_version",
"name": "4.4.244",
"product": {
"name": "Open Source Linux Kernel 4.4.244",
"product_id": "T043041-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.4.244"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.9.244",
"product": {
"name": "Open Source Linux Kernel \u003c4.9.244",
"product_id": "T043042"
}
},
{
"category": "product_version",
"name": "4.9.244",
"product": {
"name": "Open Source Linux Kernel 4.9.244",
"product_id": "T043042-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.9.244"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.14.207",
"product": {
"name": "Open Source Linux Kernel \u003c4.14.207",
"product_id": "T043043"
}
},
{
"category": "product_version",
"name": "4.14.207",
"product": {
"name": "Open Source Linux Kernel 4.14.207",
"product_id": "T043043-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.14.207"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.19.158",
"product": {
"name": "Open Source Linux Kernel \u003c4.19.158",
"product_id": "T043044"
}
},
{
"category": "product_version",
"name": "4.19.158",
"product": {
"name": "Open Source Linux Kernel 4.19.158",
"product_id": "T043044-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.19.158"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.4.78",
"product": {
"name": "Open Source Linux Kernel \u003c5.4.78",
"product_id": "T043045"
}
},
{
"category": "product_version",
"name": "5.4.78",
"product": {
"name": "Open Source Linux Kernel 5.4.78",
"product_id": "T043045-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.4.78"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.9.9",
"product": {
"name": "Open Source Linux Kernel \u003c5.9.9",
"product_id": "T043046"
}
},
{
"category": "product_version",
"name": "5.9.9",
"product": {
"name": "Open Source Linux Kernel 5.9.9",
"product_id": "T043046-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.9.9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.10",
"product": {
"name": "Open Source Linux Kernel \u003c5.10",
"product_id": "T043048"
}
},
{
"category": "product_version",
"name": "5.1",
"product": {
"name": "Open Source Linux Kernel 5.10",
"product_id": "T043048-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.4.254",
"product": {
"name": "Open Source Linux Kernel \u003c4.4.254",
"product_id": "T043051"
}
},
{
"category": "product_version",
"name": "4.4.254",
"product": {
"name": "Open Source Linux Kernel 4.4.254",
"product_id": "T043051-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.4.254"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.9.254",
"product": {
"name": "Open Source Linux Kernel \u003c4.9.254",
"product_id": "T043052"
}
},
{
"category": "product_version",
"name": "4.9.254",
"product": {
"name": "Open Source Linux Kernel 4.9.254",
"product_id": "T043052-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.9.254"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.14.218",
"product": {
"name": "Open Source Linux Kernel \u003c4.14.218",
"product_id": "T043053"
}
},
{
"category": "product_version",
"name": "4.14.218",
"product": {
"name": "Open Source Linux Kernel 4.14.218",
"product_id": "T043053-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.14.218"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.19.171",
"product": {
"name": "Open Source Linux Kernel \u003c4.19.171",
"product_id": "T043054"
}
},
{
"category": "product_version",
"name": "4.19.171",
"product": {
"name": "Open Source Linux Kernel 4.19.171",
"product_id": "T043054-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:4.19.171"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.4.93",
"product": {
"name": "Open Source Linux Kernel \u003c5.4.93",
"product_id": "T043055"
}
},
{
"category": "product_version",
"name": "5.4.93",
"product": {
"name": "Open Source Linux Kernel 5.4.93",
"product_id": "T043055-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.4.93"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.10.11",
"product": {
"name": "Open Source Linux Kernel \u003c5.10.11",
"product_id": "T043056"
}
},
{
"category": "product_version",
"name": "5.10.11",
"product": {
"name": "Open Source Linux Kernel 5.10.11",
"product_id": "T043056-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.10.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.11",
"product": {
"name": "Open Source Linux Kernel \u003c5.11",
"product_id": "T043057"
}
},
{
"category": "product_version",
"name": "5.11",
"product": {
"name": "Open Source Linux Kernel 5.11",
"product_id": "T043057-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.14.19",
"product": {
"name": "Open Source Linux Kernel \u003c5.14.19",
"product_id": "T043058"
}
},
{
"category": "product_version",
"name": "5.14.19",
"product": {
"name": "Open Source Linux Kernel 5.14.19",
"product_id": "T043058-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.14.19"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.15.3",
"product": {
"name": "Open Source Linux Kernel \u003c5.15.3",
"product_id": "T043059"
}
},
{
"category": "product_version",
"name": "5.15.3",
"product": {
"name": "Open Source Linux Kernel 5.15.3",
"product_id": "T043059-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.15.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.16",
"product": {
"name": "Open Source Linux Kernel \u003c5.16",
"product_id": "T043060"
}
},
{
"category": "product_version",
"name": "5.16",
"product": {
"name": "Open Source Linux Kernel 5.16",
"product_id": "T043060-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.16"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.10.236",
"product": {
"name": "Open Source Linux Kernel \u003c5.10.236",
"product_id": "T043061"
}
},
{
"category": "product_version",
"name": "5.10.236",
"product": {
"name": "Open Source Linux Kernel 5.10.236",
"product_id": "T043061-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.10.236"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.15.180",
"product": {
"name": "Open Source Linux Kernel \u003c5.15.180",
"product_id": "T043062"
}
},
{
"category": "product_version",
"name": "5.15.180",
"product": {
"name": "Open Source Linux Kernel 5.15.180",
"product_id": "T043062-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.15.180"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1.134",
"product": {
"name": "Open Source Linux Kernel \u003c6.1.134",
"product_id": "T043063"
}
},
{
"category": "product_version",
"name": "6.1.134",
"product": {
"name": "Open Source Linux Kernel 6.1.134",
"product_id": "T043063-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.1.134"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.6.87",
"product": {
"name": "Open Source Linux Kernel \u003c6.6.87",
"product_id": "T043064"
}
},
{
"category": "product_version",
"name": "6.6.87",
"product": {
"name": "Open Source Linux Kernel 6.6.87",
"product_id": "T043064-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.6.87"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.12.23",
"product": {
"name": "Open Source Linux Kernel \u003c6.12.23",
"product_id": "T043065"
}
},
{
"category": "product_version",
"name": "6.12.23",
"product": {
"name": "Open Source Linux Kernel 6.12.23",
"product_id": "T043065-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.12.23"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.13.11",
"product": {
"name": "Open Source Linux Kernel \u003c6.13.11",
"product_id": "T043066"
}
},
{
"category": "product_version",
"name": "6.13.11",
"product": {
"name": "Open Source Linux Kernel 6.13.11",
"product_id": "T043066-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.13.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.14.2",
"product": {
"name": "Open Source Linux Kernel \u003c6.14.2",
"product_id": "T043067"
}
},
{
"category": "product_version",
"name": "6.14.2",
"product": {
"name": "Open Source Linux Kernel 6.14.2",
"product_id": "T043067-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.14.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.15-rc1",
"product": {
"name": "Open Source Linux Kernel \u003c6.15-rc1",
"product_id": "T043072"
}
},
{
"category": "product_version",
"name": "6.15-rc1",
"product": {
"name": "Open Source Linux Kernel 6.15-rc1",
"product_id": "T043072-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.15-rc1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.4.292",
"product": {
"name": "Open Source Linux Kernel \u003c5.4.292",
"product_id": "T043073"
}
},
{
"category": "product_version",
"name": "5.4.292",
"product": {
"name": "Open Source Linux Kernel 5.4.292",
"product_id": "T043073-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:5.4.292"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1.129",
"product": {
"name": "Open Source Linux Kernel \u003c6.1.129",
"product_id": "T043075"
}
},
{
"category": "product_version",
"name": "6.1.129",
"product": {
"name": "Open Source Linux Kernel 6.1.129",
"product_id": "T043075-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.1.129"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.6.78",
"product": {
"name": "Open Source Linux Kernel \u003c6.6.78",
"product_id": "T043076"
}
},
{
"category": "product_version",
"name": "6.6.78",
"product": {
"name": "Open Source Linux Kernel 6.6.78",
"product_id": "T043076-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:6.6.78"
}
}
}
],
"category": "product_name",
"name": "Linux Kernel"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.2.1",
"product": {
"name": "SolarWinds Security Event Manager \u003c2025.2.1",
"product_id": "T044986"
}
},
{
"category": "product_version",
"name": "2025.2.1",
"product": {
"name": "SolarWinds Security Event Manager 2025.2.1",
"product_id": "T044986-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:security_event_manager:2025.2.1"
}
}
}
],
"category": "product_name",
"name": "Security Event Manager"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36789",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2020-36789"
},
{
"cve": "CVE-2021-47668",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2021-47668"
},
{
"cve": "CVE-2021-47669",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2021-47669"
},
{
"cve": "CVE-2021-47670",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2021-47670"
},
{
"cve": "CVE-2021-47671",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2021-47671"
},
{
"cve": "CVE-2025-37785",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-37785"
},
{
"cve": "CVE-2025-37838",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-37838"
},
{
"cve": "CVE-2025-37860",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-37860"
},
{
"cve": "CVE-2025-37893",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-37893"
},
{
"cve": "CVE-2025-37925",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-38049",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-38049"
},
{
"cve": "CVE-2025-38104",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38479",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-38479"
},
{
"cve": "CVE-2025-38575",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-38575"
},
{
"cve": "CVE-2025-38637",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39688",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-39688"
},
{
"cve": "CVE-2025-39728",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-39728"
},
{
"cve": "CVE-2025-39735",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-39755",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-39755"
},
{
"cve": "CVE-2025-39778",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-39778"
},
{
"cve": "CVE-2025-39930",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-39930"
},
{
"cve": "CVE-2025-39989",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-39989"
},
{
"cve": "CVE-2025-40014",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40114",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-40114"
},
{
"cve": "CVE-2025-40325",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-40325"
},
{
"cve": "CVE-2025-40364",
"product_status": {
"known_affected": [
"67646",
"T043060",
"393401",
"T004914",
"T043048",
"T043061",
"T043062",
"398363",
"T043041",
"T043063",
"T043042",
"T043064",
"T043043",
"T043065",
"T043044",
"T043066",
"T043045",
"T043067",
"T043046",
"T032255",
"T043058",
"T043059",
"T044986",
"2951",
"T002207",
"T000126",
"T027843",
"T043072",
"T043051",
"T043073",
"T043052",
"T043053",
"T043075",
"T043054",
"T043076",
"T043055",
"T043056",
"T043057",
"T048301"
]
},
"release_date": "2025-04-21T22:00:00.000+00:00",
"title": "CVE-2025-40364"
}
]
}
FKIE_CVE-2025-37893
Vulnerability from fkie_nvd - Published: 2025-04-18 07:15 - Updated: 2025-10-01 17:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: BPF: Fix off-by-one error in build_prologue()
Vincent reported that running BPF progs with tailcalls on LoongArch
causes kernel hard lockup. Debugging the issues shows that the JITed
image missing a jirl instruction at the end of the epilogue.
There are two passes in JIT compiling, the first pass set the flags and
the second pass generates JIT code based on those flags. With BPF progs
mixing bpf2bpf and tailcalls, build_prologue() generates N insns in the
first pass and then generates N+1 insns in the second pass. This makes
epilogue_offset off by one and we will jump to some unexpected insn and
cause lockup. Fix this by inserting a nop insn.
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10FAA32F-8D33-4A36-8482-01961DD84A84",
"versionEndExcluding": "6.1.134",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF24260-49B1-4251-9477-C564CFDAD25B",
"versionEndExcluding": "6.6.87",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26CAB76D-F00F-43CE-BEAD-7097F8FB1D6C",
"versionEndExcluding": "6.12.23",
"versionStartIncluding": "6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E864B0-8C00-4679-BA55-659B4C9C3AD3",
"versionEndExcluding": "6.13.11",
"versionStartIncluding": "6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FADAE5D8-4808-442C-B218-77B2CE8780A0",
"versionEndExcluding": "6.14.2",
"versionStartIncluding": "6.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: BPF: Fix off-by-one error in build_prologue()\n\nVincent reported that running BPF progs with tailcalls on LoongArch\ncauses kernel hard lockup. Debugging the issues shows that the JITed\nimage missing a jirl instruction at the end of the epilogue.\n\nThere are two passes in JIT compiling, the first pass set the flags and\nthe second pass generates JIT code based on those flags. With BPF progs\nmixing bpf2bpf and tailcalls, build_prologue() generates N insns in the\nfirst pass and then generates N+1 insns in the second pass. This makes\nepilogue_offset off by one and we will jump to some unexpected insn and\ncause lockup. Fix this by inserting a nop insn."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: LoongArch: BPF: Correcci\u00f3n de error de uno en build_prologue() Vincent inform\u00f3 que ejecutar programas BPF con llamadas de cola en LoongArch provoca un bloqueo duro del kernel. La depuraci\u00f3n de los problemas muestra que a la imagen JIT le falta una instrucci\u00f3n jirl al final del ep\u00edlogo. Hay dos pasos en la compilaci\u00f3n JIT, el primer paso establece los indicadores y el segundo paso genera c\u00f3digo JIT basado en esos indicadores. Con programas BPF que mezclan bpf2bpf y llamadas de cola, build_prologue() genera N insns en el primer paso y luego genera N + 1 insns en el segundo paso. Esto hace que epilogue_offset se desv\u00ede en uno y saltaremos a alg\u00fan insn inesperado y causaremos un bloqueo. Arregle esto insertando un insn nop."
}
],
"id": "CVE-2025-37893",
"lastModified": "2025-10-01T17:15:45.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-04-18T07:15:42.983",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/205a2182c51ffebaef54d643e3745e720cded08b"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/48b904de2408af5f936f0e03f48dfcddeab58aa0"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/7e2586991e36663c9bc48c828b83eab180ad30a9"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b3ffad2f02db4aace6799fe0049508b8925eae45"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/c74d95a5679741ef428974ab788f5b0758dc78ae"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…