admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-02 11:42:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-09 07:00:38 +00:00
parent 0563c25d67
commit 6f85135fc8
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
63 changed files with 7212 additions and 248 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2024/11xxx/CVE-2024-11617.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11617",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'zetra_languageUpload' and 'zetra_fontsUpload' functions in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"cweId": "CWE-434"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ThemeKalia",
"product": {
"product_data": [
{
"product_name": "Envolve Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0ad02d9-546f-4bcb-b567-785e3acfb489?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0ad02d9-546f-4bcb-b567-785e3acfb489?source=cve"
},
{
"url": "https://themeforest.net/item/envolve-consulting-business-wordpress-theme/28748459",
"refsource": "MISC",
"name": "https://themeforest.net/item/envolve-consulting-business-wordpress-theme/28748459"
}
]
},
"credits": [
{
"lang": "en",
"value": "Friderika Baranyai"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
]
}

76
2025/2xxx/CVE-2025-2253.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2253",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The IMITHEMES Listing plugin is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3. This is due to the plugin not properly validating a verification code value prior to updating their password through the imic_reset_password_init() function. This makes it possible for unauthenticated attackers to change any user's passwords, including administrators if the users email is known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-620 Unverified Password Change",
"cweId": "CWE-620"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "imithemes",
"product": {
"product_data": [
{
"product_name": "IMITHEMES Listing",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "3.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ed0ea4a-9cbf-4033-a31f-6cb954e8ce01?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ed0ea4a-9cbf-4033-a31f-6cb954e8ce01?source=cve"
},
{
"url": "https://themeforest.net/item/auto-stars-car-dealership-listings-wp-theme/11560490",
"refsource": "MISC",
"name": "https://themeforest.net/item/auto-stars-car-dealership-listings-wp-theme/11560490"
}
]
},
"credits": [
{
"lang": "en",
"value": "Alyudin Nafiie"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
]
}

134
2025/37xxx/CVE-2025-37835.json
View File

@ -1,18 +1,144 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37835",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Fix netns refcount imbalance causing leaks and use-after-free\n\nCommit ef7134c7fc48 (\"smb: client: Fix use-after-free of network\nnamespace.\") attempted to fix a netns use-after-free issue by manually\nadjusting reference counts via sk->sk_net_refcnt and sock_inuse_add().\n\nHowever, a later commit e9f2517a3e18 (\"smb: client: fix TCP timers deadlock\nafter rmmod\") pointed out that the approach of manually setting\nsk->sk_net_refcnt in the first commit was technically incorrect, as\nsk->sk_net_refcnt should only be set for user sockets. It led to issues\nlike TCP timers not being cleared properly on close. The second commit\nmoved to a model of just holding an extra netns reference for\nserver->ssocket using get_net(), and dropping it when the server is torn\ndown.\n\nBut there remain some gaps in the get_net()/put_net() balancing added by\nthese commits. The incomplete reference handling in these fixes results\nin two issues:\n\n1. Netns refcount leaks[1]\n\nThe problem process is as follows:\n\n```\nmount.cifs cifsd\n\ncifs_do_mount\n cifs_mount\n cifs_mount_get_session\n cifs_get_tcp_session\n get_net() /* First get net. */\n ip_connect\n generic_ip_connect /* Try port 445 */\n get_net()\n ->connect() /* Failed */\n put_net()\n generic_ip_connect /* Try port 139 */\n get_net() /* Missing matching put_net() for this get_net().*/\n cifs_get_smb_ses\n cifs_negotiate_protocol\n smb2_negotiate\n SMB2_negotiate\n cifs_send_recv\n wait_for_response\n cifs_demultiplex_thread\n cifs_read_from_socket\n cifs_readv_from_socket\n cifs_reconnect\n cifs_abort_connection\n sock_release();\n server->ssocket = NULL;\n /* Missing put_net() here. */\n generic_ip_connect\n get_net()\n ->connect() /* Failed */\n put_net()\n sock_release();\n server->ssocket = NULL;\n free_rsp_buf\n ...\n clean_demultiplex_info\n /* It's only called once here. */\n put_net()\n```\n\nWhen cifs_reconnect() is triggered, the server->ssocket is released\nwithout a corresponding put_net() for the reference acquired in\ngeneric_ip_connect() before. it ends up calling generic_ip_connect()\nagain to retry get_net(). After that, server->ssocket is set to NULL\nin the error path of generic_ip_connect(), and the net count cannot be\nreleased in the final clean_demultiplex_info() function.\n\n2. Potential use-after-free\n\nThe current refcounting scheme can lead to a potential use-after-free issue\nin the following scenario:\n\n```\n cifs_do_mount\n cifs_mount\n cifs_mount_get_session\n cifs_get_tcp_session\n get_net() /* First get net */\n ip_connect\n generic_ip_connect\n get_net()\n bind_socket\n\t kernel_bind /* failed */\n put_net()\n /* after out_err_crypto_release label */\n put_net()\n /* after out_err label */\n put_net()\n```\n\nIn the exception handling process where binding the socket fails, the\nget_net() and put_net() calls are unbalanced, which may cause the\nserver->net reference count to drop to zero and be prematurely released.\n\nTo address both issues, this patch ties the netns reference counti\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e8c71494181153a134c96da28766a57bd1eac8cb",
"version_value": "c6b6b8dcef4adf8ee4e439bb97e74106096c71b8"
},
{
"version_affected": "<",
"version_name": "ef7134c7fc48e1441b398e55a862232868a6f0a7",
"version_value": "7d8dfc27d90d41627c0d6ada97ed0ab57b3dae25"
},
{
"version_affected": "=",
"version_value": "c7f9282fc27fc36dbaffc8527c723de264a132f8"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.87",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.23",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.11",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.2",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c6b6b8dcef4adf8ee4e439bb97e74106096c71b8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c6b6b8dcef4adf8ee4e439bb97e74106096c71b8"
},
{
"url": "https://git.kernel.org/stable/c/7d8dfc27d90d41627c0d6ada97ed0ab57b3dae25",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7d8dfc27d90d41627c0d6ada97ed0ab57b3dae25"
},
{
"url": "https://git.kernel.org/stable/c/961755d0055e0e96d1849cc0425da966c8a64e53",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/961755d0055e0e96d1849cc0425da966c8a64e53"
},
{
"url": "https://git.kernel.org/stable/c/476617a4ca0123f0df677d547a82a110c27c8c74",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/476617a4ca0123f0df677d547a82a110c27c8c74"
},
{
"url": "https://git.kernel.org/stable/c/4e7f1644f2ac6d01dc584f6301c3b1d5aac4eaef",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4e7f1644f2ac6d01dc584f6301c3b1d5aac4eaef"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

158
2025/37xxx/CVE-2025-37836.json
View File

@ -1,18 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37836",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter's double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4",
"version_value": "f4db1b2c9ae3d013733c302ee70cac943b7070c0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.10",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.136",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f4db1b2c9ae3d013733c302ee70cac943b7070c0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f4db1b2c9ae3d013733c302ee70cac943b7070c0"
},
{
"url": "https://git.kernel.org/stable/c/3297497ad2246eb9243849bfbbc57a0dea97d76e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3297497ad2246eb9243849bfbbc57a0dea97d76e"
},
{
"url": "https://git.kernel.org/stable/c/b783478e0c53ffb4f04f25fb4e21ef7f482b05df",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b783478e0c53ffb4f04f25fb4e21ef7f482b05df"
},
{
"url": "https://git.kernel.org/stable/c/bd2a352a0d72575f1842d28c14c10089f0cfe1ae",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bd2a352a0d72575f1842d28c14c10089f0cfe1ae"
},
{
"url": "https://git.kernel.org/stable/c/9707d0c932f41006a2701afc926b232b50e356b4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9707d0c932f41006a2701afc926b232b50e356b4"
},
{
"url": "https://git.kernel.org/stable/c/bbba4c50a2d2a1d3f3bf31cc4b8280cb492bf2c7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bbba4c50a2d2a1d3f3bf31cc4b8280cb492bf2c7"
},
{
"url": "https://git.kernel.org/stable/c/f9208aec86226524ec1cb68a09ac70e974ea6536",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f9208aec86226524ec1cb68a09ac70e974ea6536"
},
{
"url": "https://git.kernel.org/stable/c/804443c1f27883926de94c849d91f5b7d7d696e9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/804443c1f27883926de94c849d91f5b7d7d696e9"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37837.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37837",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()\n\nTwo WARNINGs are observed when SMMU driver rolls back upon failure:\n arm-smmu-v3.9.auto: Failed to register iommu\n arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed with error -22\n ------------[ cut here ]------------\n WARNING: CPU: 5 PID: 1 at kernel/dma/mapping.c:74 dmam_free_coherent+0xc0/0xd8\n Call trace:\n dmam_free_coherent+0xc0/0xd8 (P)\n tegra241_vintf_free_lvcmdq+0x74/0x188\n tegra241_cmdqv_remove_vintf+0x60/0x148\n tegra241_cmdqv_remove+0x48/0xc8\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n ------------[ cut here ]------------\n 128 pages are still in use!\n WARNING: CPU: 16 PID: 1 at mm/page_alloc.c:6902 free_contig_range+0x18c/0x1c8\n Call trace:\n free_contig_range+0x18c/0x1c8 (P)\n cma_release+0x154/0x2f0\n dma_free_contiguous+0x38/0xa0\n dma_direct_free+0x10c/0x248\n dma_free_attrs+0x100/0x290\n dmam_free_coherent+0x78/0xd8\n tegra241_vintf_free_lvcmdq+0x74/0x160\n tegra241_cmdqv_remove+0x98/0x198\n arm_smmu_impl_remove+0x28/0x60\n devm_action_release+0x1c/0x40\n\nThis is because the LVCMDQ queue memory are managed by devres, while that\ndmam_free_coherent() is called in the context of devm_action_release().\n\nJason pointed out that \"arm_smmu_impl_probe() has mis-ordered the devres\ncallbacks if ops->device_remove() is going to be manually freeing things\nthat probe allocated\":\nhttps://lore.kernel.org/linux-iommu/20250407174408.GB1722458@nvidia.com/\n\nIn fact, tegra241_cmdqv_init_structures() only allocates memory resources\nwhich means any failure that it generates would be similar to -ENOMEM, so\nthere is no point in having that \"falling back to standard SMMU\" routine,\nas the standard SMMU would likely fail to allocate memory too.\n\nRemove the unwind part in tegra241_cmdqv_init_structures(), and return a\nproper error code to ask SMMU driver to call tegra241_cmdqv_remove() via\nimpl_ops->device_remove(). Then, drop tegra241_vintf_free_lvcmdq() since\ndevres will take care of that."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "483e0bd8883a40fd3dd3193997a4014337698d72",
"version_value": "e5dd974d6e00704553308ef1a88659f8dcfb39d4"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e5dd974d6e00704553308ef1a88659f8dcfb39d4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e5dd974d6e00704553308ef1a88659f8dcfb39d4"
},
{
"url": "https://git.kernel.org/stable/c/5584dbf393df509159813645a487b1ef76557722",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5584dbf393df509159813645a487b1ef76557722"
},
{
"url": "https://git.kernel.org/stable/c/e38ed6908080047d8fa1763d1da86b584f9eb55b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e38ed6908080047d8fa1763d1da86b584f9eb55b"
},
{
"url": "https://git.kernel.org/stable/c/767e22001dfce64cc03b7def1562338591ab6031",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/767e22001dfce64cc03b7def1562338591ab6031"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

159
2025/37xxx/CVE-2025-37839.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37839",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb->s_sequence check\n\nJournal emptiness is not determined by sb->s_sequence == 0 but rather by\nsb->s_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "cf30432f5b3064ff85d85639c2f0106f89c566f6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6"
},
{
"url": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1"
},
{
"url": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac"
},
{
"url": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77"
},
{
"url": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b"
},
{
"url": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457"
},
{
"url": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0"
},
{
"url": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf"
},
{
"url": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

169
2025/37xxx/CVE-2025-37840.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37840",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op->cs >= nanddev_ntargets(&chip->base)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "97d90da8a886949f09bb4754843fb0b504956ad2",
"version_value": "6f567c6a5250e3531cfd9c7ff254ecc2650464fa"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.16",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/6f567c6a5250e3531cfd9c7ff254ecc2650464fa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f567c6a5250e3531cfd9c7ff254ecc2650464fa"
},
{
"url": "https://git.kernel.org/stable/c/8775581e1c48e1bdd04a893d6f6bbe5128ad0ea7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8775581e1c48e1bdd04a893d6f6bbe5128ad0ea7"
},
{
"url": "https://git.kernel.org/stable/c/fbcb584efa5cd912ff8a151d67b8fe22f4162a85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fbcb584efa5cd912ff8a151d67b8fe22f4162a85"
},
{
"url": "https://git.kernel.org/stable/c/9dd161f707ecb7db38e5f529e979a5b6eb565b2d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9dd161f707ecb7db38e5f529e979a5b6eb565b2d"
},
{
"url": "https://git.kernel.org/stable/c/9bd51723ab51580e077c91d494c37e80703b8524",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9bd51723ab51580e077c91d494c37e80703b8524"
},
{
"url": "https://git.kernel.org/stable/c/7266066b9469f04ed1d4c0fdddaea1425835eb55",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7266066b9469f04ed1d4c0fdddaea1425835eb55"
},
{
"url": "https://git.kernel.org/stable/c/c2eb3cffb0d972c5503e4d48921971c81def0fe5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c2eb3cffb0d972c5503e4d48921971c81def0fe5"
},
{
"url": "https://git.kernel.org/stable/c/659b1f29f3e2fd5d751fdf35c5526d1f1c9b3dd2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/659b1f29f3e2fd5d751fdf35c5526d1f1c9b3dd2"
},
{
"url": "https://git.kernel.org/stable/c/ddc210cf8b8a8be68051ad958bf3e2cef6b681c2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ddc210cf8b8a8be68051ad958bf3e2cef6b681c2"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

159
2025/37xxx/CVE-2025-37841.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37841",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, 'config' pointer can be NULL.\nAdd a check to prevent NULL dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "34a9394794b0f97af6afedc0c9ee2012c24b28ed"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/34a9394794b0f97af6afedc0c9ee2012c24b28ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/34a9394794b0f97af6afedc0c9ee2012c24b28ed"
},
{
"url": "https://git.kernel.org/stable/c/79bded9d70142d2a11d931fc029afece471641db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/79bded9d70142d2a11d931fc029afece471641db"
},
{
"url": "https://git.kernel.org/stable/c/0e297a02e03dceb2874789ca40bd4e65c5371704",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0e297a02e03dceb2874789ca40bd4e65c5371704"
},
{
"url": "https://git.kernel.org/stable/c/87b9f0867c0afa7e892f4b30c36cff6bf2707f85",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87b9f0867c0afa7e892f4b30c36cff6bf2707f85"
},
{
"url": "https://git.kernel.org/stable/c/942a4b97fc77516678b1d8af1521ff9a94c13b3e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/942a4b97fc77516678b1d8af1521ff9a94c13b3e"
},
{
"url": "https://git.kernel.org/stable/c/f8d28fa305b78c5d1073b63f26db265ba8291ae1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f8d28fa305b78c5d1073b63f26db265ba8291ae1"
},
{
"url": "https://git.kernel.org/stable/c/ceec06f464d5cfc0ba966225f7d50506ceb62242",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ceec06f464d5cfc0ba966225f7d50506ceb62242"
},
{
"url": "https://git.kernel.org/stable/c/5e38122aa3fd0f9788186e86a677925bfec0b2d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5e38122aa3fd0f9788186e86a677925bfec0b2d1"
},
{
"url": "https://git.kernel.org/stable/c/208baa3ec9043a664d9acfb8174b332e6b17fb69",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/208baa3ec9043a664d9acfb8174b332e6b17fb69"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

103
2025/37xxx/CVE-2025-37842.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37842",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi >/sys/bus/platform/drivers/fsl-quadspi/unbind"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8fcb830a00f0980ffe38d223cdd9a4d2d24da476",
"version_value": "439688dbe82baa10d4430dc3252bb5ef1183a171"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/439688dbe82baa10d4430dc3252bb5ef1183a171",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/439688dbe82baa10d4430dc3252bb5ef1183a171"
},
{
"url": "https://git.kernel.org/stable/c/f9bfb3a5f6f616f3eb7665c8ff3bcb9760ae33c8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f9bfb3a5f6f616f3eb7665c8ff3bcb9760ae33c8"
},
{
"url": "https://git.kernel.org/stable/c/40369bfe717e96e26650eeecfa5a6363563df6e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/40369bfe717e96e26650eeecfa5a6363563df6e4"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37843.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37843",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Avoid unnecessary device replacement check\n\nHot-removal of nested PCI hotplug ports suffers from a long-standing race\ncondition which can lead to a deadlock: A parent hotplug port acquires\npci_lock_rescan_remove(), then waits for pciehp to unbind from a child\nhotplug port. Meanwhile that child hotplug port tries to acquire\npci_lock_rescan_remove() as well in order to remove its own children.\n\nThe deadlock only occurs if the parent acquires pci_lock_rescan_remove()\nfirst, not if the child happens to acquire it first.\n\nSeveral workarounds to avoid the issue have been proposed and discarded\nover the years, e.g.:\n\nhttps://lore.kernel.org/r/4c882e25194ba8282b78fe963fec8faae7cf23eb.1529173804.git.lukas@wunner.de/\n\nA proper fix is being worked on, but needs more time as it is nontrivial\nand necessarily intrusive.\n\nRecent commit 9d573d19547b (\"PCI: pciehp: Detect device replacement during\nsystem sleep\") provokes more frequent occurrence of the deadlock when\nremoving more than one Thunderbolt device during system sleep. The commit\nsought to detect device replacement, but also triggered on device removal.\nDifferentiating reliably between replacement and removal is impossible\nbecause pci_get_dsn() returns 0 both if the device was removed, as well as\nif it was replaced with one lacking a Device Serial Number.\n\nAvoid the more frequent occurrence of the deadlock by checking whether the\nhotplug port itself was hot-removed. If so, there's no sense in checking\nwhether its child device was replaced.\n\nThis works because the ->resume_noirq() callback is invoked in top-down\norder for the entire hierarchy: A parent hotplug port detecting device\nreplacement (or removal) marks all children as removed using\npci_dev_set_disconnected() and a child hotplug port can then reliably\ndetect being removed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9d573d19547b3fae0c1d4e5fce52bdad3fda3664",
"version_value": "e4a1d7defbc2d806540720a5adebe24ec3488683"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e4a1d7defbc2d806540720a5adebe24ec3488683",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e4a1d7defbc2d806540720a5adebe24ec3488683"
},
{
"url": "https://git.kernel.org/stable/c/0d0bbd01f7c0ac7d1be9f85aaf2cd0baec34655f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0d0bbd01f7c0ac7d1be9f85aaf2cd0baec34655f"
},
{
"url": "https://git.kernel.org/stable/c/7535d10a2c61baeff493300070cf04d9ddda216b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7535d10a2c61baeff493300070cf04d9ddda216b"
},
{
"url": "https://git.kernel.org/stable/c/e3260237aaadc9799107ccb940c6688195c4518d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3260237aaadc9799107ccb940c6688195c4518d"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

162
2025/37xxx/CVE-2025-37844.json
View File

@ -1,18 +1,172 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37844",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e79b0332ae06b4895dcecddf4bbc5d3917e9383c",
"version_value": "ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3"
},
{
"version_affected": "=",
"version_value": "53e83828d352304fec5e19751f38ed8c65e6ec2f"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ba3ce6c60cd5db258687dfeba9fc608f5e7cadf3"
},
{
"url": "https://git.kernel.org/stable/c/9c9000cb91b986eb7f75835340c67857ab97c09b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9c9000cb91b986eb7f75835340c67857ab97c09b"
},
{
"url": "https://git.kernel.org/stable/c/b2a1833e1c63e2585867ebeaf4dd41494dcede4b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b2a1833e1c63e2585867ebeaf4dd41494dcede4b"
},
{
"url": "https://git.kernel.org/stable/c/864ba5c651b03830f36f0906c21af05b15c1aaa6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/864ba5c651b03830f36f0906c21af05b15c1aaa6"
},
{
"url": "https://git.kernel.org/stable/c/e0717385f5c51e290c2cd2ad4699a778316b5132",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e0717385f5c51e290c2cd2ad4699a778316b5132"
},
{
"url": "https://git.kernel.org/stable/c/20048e658652e731f5cadf4a695925e570ca0ff9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20048e658652e731f5cadf4a695925e570ca0ff9"
},
{
"url": "https://git.kernel.org/stable/c/6c14ee6af8f1f188b668afd6d003f7516a507b08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6c14ee6af8f1f188b668afd6d003f7516a507b08"
},
{
"url": "https://git.kernel.org/stable/c/b4885bd5935bb26f0a414ad55679a372e53f9b9b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b4885bd5935bb26f0a414ad55679a372e53f9b9b"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

124
2025/37xxx/CVE-2025-37845.json
View File

@ -1,18 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37845",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: fprobe events: Fix possible UAF on modules\n\nCommit ac91052f0ae5 (\"tracing: tprobe-events: Fix leakage of module\nrefcount\") moved try_module_get() from __find_tracepoint_module_cb()\nto find_tracepoint() caller, but that introduced a possible UAF\nbecause the module can be unloaded before try_module_get(). In this\ncase, the module object should be freed too. Thus, try_module_get()\ndoes not only fail but may access to the freed object.\n\nTo avoid that, try_module_get() in __find_tracepoint_module_cb()\nagain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "71c9cf87776eaa556fc0a0a060df94200e1f521c",
"version_value": "868df4eb784c3ccc7e4340a9ea993cbbedca167e"
},
{
"version_affected": "<",
"version_name": "9db2b8cf4ea07b579db588e0353d5680f5d1f071",
"version_value": "a27d2de2472b1cc7d582ab405d1d5832a80481de"
},
{
"version_affected": "<",
"version_name": "ac91052f0ae5be9e46211ba92cc31c0e3b0a933a",
"version_value": "626f01f4d26e8cf92e69c1df53036153c8e98a20"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/868df4eb784c3ccc7e4340a9ea993cbbedca167e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/868df4eb784c3ccc7e4340a9ea993cbbedca167e"
},
{
"url": "https://git.kernel.org/stable/c/a27d2de2472b1cc7d582ab405d1d5832a80481de",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a27d2de2472b1cc7d582ab405d1d5832a80481de"
},
{
"url": "https://git.kernel.org/stable/c/626f01f4d26e8cf92e69c1df53036153c8e98a20",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/626f01f4d26e8cf92e69c1df53036153c8e98a20"
},
{
"url": "https://git.kernel.org/stable/c/dd941507a9486252d6fcf11814387666792020f3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd941507a9486252d6fcf11814387666792020f3"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37846.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37846",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: mops: Do not dereference src reg for a set operation\n\nThe source register is not used for SET* and reading it can result in\na UBSAN out-of-bounds array access error, specifically when the MOPS\nexception is taken from a SET* sequence with XZR (reg 31) as the\nsource. Architecturally this is the only case where a src/dst/size\nfield in the ESR can be reported as 31.\n\nPrior to 2de451a329cf662b the code in do_el0_mops() was benign as the\nuse of pt_regs_read_reg() prevented the out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2de451a329cf662beeba71f63c7f83ee24ca6642",
"version_value": "eec737e17e5567e08148550a7f1d94d495b9fb17"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/eec737e17e5567e08148550a7f1d94d495b9fb17",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eec737e17e5567e08148550a7f1d94d495b9fb17"
},
{
"url": "https://git.kernel.org/stable/c/43267d934eacff6c70e15545d804ebbcab8a0bf5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/43267d934eacff6c70e15545d804ebbcab8a0bf5"
},
{
"url": "https://git.kernel.org/stable/c/5f6022a74147675124b781fdc056b291850e7786",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5f6022a74147675124b781fdc056b291850e7786"
},
{
"url": "https://git.kernel.org/stable/c/a13bfa4fe0d6949cea14718df2d1fe84c38cd113",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a13bfa4fe0d6949cea14718df2d1fe84c38cd113"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37847.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37847",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in ivpu_ms_cleanup()\n\nFix deadlock in ivpu_ms_cleanup() by preventing runtime resume after\nfile_priv->ms_lock is acquired.\n\nDuring a failure in runtime resume, a cold boot is executed, which\ncalls ivpu_ms_cleanup_all(). This function calls ivpu_ms_cleanup()\nthat acquires file_priv->ms_lock and causes the deadlock."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cdfad4db7756563db7d458216d9e3c2651dddc7d",
"version_value": "7d12a7d43c7bab9097ba466581d8db702e7908dc"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7d12a7d43c7bab9097ba466581d8db702e7908dc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7d12a7d43c7bab9097ba466581d8db702e7908dc"
},
{
"url": "https://git.kernel.org/stable/c/f996ecc789b5dbaaf38b6ec0a1917821789cbd9c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f996ecc789b5dbaaf38b6ec0a1917821789cbd9c"
},
{
"url": "https://git.kernel.org/stable/c/019634f27a16796eab749e8107dae32099945f29",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/019634f27a16796eab749e8107dae32099945f29"
},
{
"url": "https://git.kernel.org/stable/c/9a6f56762d23a1f3af15e67901493c927caaf882",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9a6f56762d23a1f3af15e67901493c927caaf882"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37848.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37848",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix PM related deadlocks in MS IOCTLs\n\nPrevent runtime resume/suspend while MS IOCTLs are in progress.\nFailed suspend will call ivpu_ms_cleanup() that would try to acquire\nfile_priv->ms_lock, which is already held by the IOCTLs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cdfad4db7756563db7d458216d9e3c2651dddc7d",
"version_value": "afada73000bef7c79a22f0d7e93fac414eeff19e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.11",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/afada73000bef7c79a22f0d7e93fac414eeff19e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/afada73000bef7c79a22f0d7e93fac414eeff19e"
},
{
"url": "https://git.kernel.org/stable/c/c3d9fc2f2746b52e9f820a13c53b4418bec04b48",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3d9fc2f2746b52e9f820a13c53b4418bec04b48"
},
{
"url": "https://git.kernel.org/stable/c/84547128526441b45c3c241419dececf20c30104",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/84547128526441b45c3c241419dececf20c30104"
},
{
"url": "https://git.kernel.org/stable/c/d893da85e06edf54737bb80648bb58ba8fd56d9f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d893da85e06edf54737bb80648bb58ba8fd56d9f"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

126
2025/37xxx/CVE-2025-37849.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37849",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "07476e0d932afc53c05468076393ac35d0b4999e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/07476e0d932afc53c05468076393ac35d0b4999e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/07476e0d932afc53c05468076393ac35d0b4999e"
},
{
"url": "https://git.kernel.org/stable/c/5085e02362b9948f82fceca979b8f8e12acb1cc5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5085e02362b9948f82fceca979b8f8e12acb1cc5"
},
{
"url": "https://git.kernel.org/stable/c/c322789613407647a05ff5c451a7bf545fb34e73",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c322789613407647a05ff5c451a7bf545fb34e73"
},
{
"url": "https://git.kernel.org/stable/c/2480326eba8ae9ccc5e4c3c2dc8d407db68e3c52",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2480326eba8ae9ccc5e4c3c2dc8d407db68e3c52"
},
{
"url": "https://git.kernel.org/stable/c/f1e9087abaeedec9bf2894a282ee4f0d8383f299",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f1e9087abaeedec9bf2894a282ee4f0d8383f299"
},
{
"url": "https://git.kernel.org/stable/c/250f25367b58d8c65a1b060a2dda037eea09a672",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/250f25367b58d8c65a1b060a2dda037eea09a672"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

169
2025/37xxx/CVE-2025-37850.json
View File

@ -1,18 +1,179 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37850",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc->clk_pwms[pwm->hwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it's\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "caf065f8fd583b43a3f95d84c8a0a0d07597963b",
"version_value": "8b9f60725d74b72c238e4437c957d0217746b506"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.12",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.12",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8b9f60725d74b72c238e4437c957d0217746b506",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8b9f60725d74b72c238e4437c957d0217746b506"
},
{
"url": "https://git.kernel.org/stable/c/e1206d8e1651c9f62e5640b69b14d925b1a0a00a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e1206d8e1651c9f62e5640b69b14d925b1a0a00a"
},
{
"url": "https://git.kernel.org/stable/c/e3cf0c38d3ce754ad63005102fcfeb0b7ff3290b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3cf0c38d3ce754ad63005102fcfeb0b7ff3290b"
},
{
"url": "https://git.kernel.org/stable/c/f3e9cf266c2c103cf071e15d7a17e2c699fff3c5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f3e9cf266c2c103cf071e15d7a17e2c699fff3c5"
},
{
"url": "https://git.kernel.org/stable/c/8ddbec73ea2598d8414e8f7103241b55cf877010",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ddbec73ea2598d8414e8f7103241b55cf877010"
},
{
"url": "https://git.kernel.org/stable/c/4cb15042b5f3ec0474e91cf379120cc597625dbb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4cb15042b5f3ec0474e91cf379120cc597625dbb"
},
{
"url": "https://git.kernel.org/stable/c/c343856ff2689ce0afef823592732fc178ef4aac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c343856ff2689ce0afef823592732fc178ef4aac"
},
{
"url": "https://git.kernel.org/stable/c/77fb96dbe350e8a5ae4965ff9f6e7049f3966a6b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/77fb96dbe350e8a5ae4965ff9f6e7049f3966a6b"
},
{
"url": "https://git.kernel.org/stable/c/7ca59947b5fcf94e7ea4029d1bd0f7c41500a161",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7ca59947b5fcf94e7ea4029d1bd0f7c41500a161"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

159
2025/37xxx/CVE-2025-37851.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37851",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add 'plane' value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it's not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn't be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "a570efb4d877adbf3db2dc95487f2ba6bfdd148a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a570efb4d877adbf3db2dc95487f2ba6bfdd148a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a570efb4d877adbf3db2dc95487f2ba6bfdd148a"
},
{
"url": "https://git.kernel.org/stable/c/cdf41d72e8b015d9ea68f5a1c0a79624e7c312aa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdf41d72e8b015d9ea68f5a1c0a79624e7c312aa"
},
{
"url": "https://git.kernel.org/stable/c/09dbf22fd68c2f1a81ab89670ffa1ec3033436c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/09dbf22fd68c2f1a81ab89670ffa1ec3033436c4"
},
{
"url": "https://git.kernel.org/stable/c/660a53a0694d1f3789802509fe729dd4656fc5e0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/660a53a0694d1f3789802509fe729dd4656fc5e0"
},
{
"url": "https://git.kernel.org/stable/c/fda15c5b96b883d62fb2d84a3a1422aa87717897",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fda15c5b96b883d62fb2d84a3a1422aa87717897"
},
{
"url": "https://git.kernel.org/stable/c/52eafaa56f8f6d6a0cdff9282b25b4acbde34edc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/52eafaa56f8f6d6a0cdff9282b25b4acbde34edc"
},
{
"url": "https://git.kernel.org/stable/c/9b0a41589ee70529b20e1e0108d03f10c649bdc4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9b0a41589ee70529b20e1e0108d03f10c649bdc4"
},
{
"url": "https://git.kernel.org/stable/c/4efd8ef5e40f2c7a4a91a5a9f03140bfa827da89",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4efd8ef5e40f2c7a4a91a5a9f03140bfa827da89"
},
{
"url": "https://git.kernel.org/stable/c/3e411827f31db7f938a30a3c7a7599839401ec30",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3e411827f31db7f938a30a3c7a7599839401ec30"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

126
2025/37xxx/CVE-2025-37852.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37852",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]->[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "55ef52c30c3e747f145a64de96192e37a8fed670"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/55ef52c30c3e747f145a64de96192e37a8fed670",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/55ef52c30c3e747f145a64de96192e37a8fed670"
},
{
"url": "https://git.kernel.org/stable/c/f8693e1bae9c08233a2f535c3f412e157df32b33",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f8693e1bae9c08233a2f535c3f412e157df32b33"
},
{
"url": "https://git.kernel.org/stable/c/dc4380f34613eaae997b3ed263bd1cb3d0fd0075",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dc4380f34613eaae997b3ed263bd1cb3d0fd0075"
},
{
"url": "https://git.kernel.org/stable/c/22ea19cc089013b55c240134dbb2797700ff5a6a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/22ea19cc089013b55c240134dbb2797700ff5a6a"
},
{
"url": "https://git.kernel.org/stable/c/b784734811438f11533e2fb9e0deb327844bdb56",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b784734811438f11533e2fb9e0deb327844bdb56"
},
{
"url": "https://git.kernel.org/stable/c/1435e895d4fc967d64e9f5bf81e992ac32f5ac76",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1435e895d4fc967d64e9f5bf81e992ac32f5ac76"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

115
2025/37xxx/CVE-2025-37853.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37853",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm->packet_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "a36f8d544522a19ef06ed9e84667d154dcb6be52"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a36f8d544522a19ef06ed9e84667d154dcb6be52",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a36f8d544522a19ef06ed9e84667d154dcb6be52"
},
{
"url": "https://git.kernel.org/stable/c/1a322b330dc0b775d1d7a84e55c752d9451bfe7d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1a322b330dc0b775d1d7a84e55c752d9451bfe7d"
},
{
"url": "https://git.kernel.org/stable/c/f84c57906f0fd2185e557d2552b20aa8430a4677",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f84c57906f0fd2185e557d2552b20aa8430a4677"
},
{
"url": "https://git.kernel.org/stable/c/24b9e0e2e6147314c22d821f0542c4dd9a320c40",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/24b9e0e2e6147314c22d821f0542c4dd9a320c40"
},
{
"url": "https://git.kernel.org/stable/c/fe9d0061c413f8fb8c529b18b592b04170850ded",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/fe9d0061c413f8fb8c529b18b592b04170850ded"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

126
2025/37xxx/CVE-2025-37854.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37854",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "57c9dabda80ac167de8cd71231baae37cc2f442d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/57c9dabda80ac167de8cd71231baae37cc2f442d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/57c9dabda80ac167de8cd71231baae37cc2f442d"
},
{
"url": "https://git.kernel.org/stable/c/89af6b39f028c130d4362f57042927f005423e6a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/89af6b39f028c130d4362f57042927f005423e6a"
},
{
"url": "https://git.kernel.org/stable/c/ffd37d7d44d7e0b6e769d4fe6590e327f8cc3951",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ffd37d7d44d7e0b6e769d4fe6590e327f8cc3951"
},
{
"url": "https://git.kernel.org/stable/c/6f30a847432cae84c7428e9b684b3e3fa49b2391",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6f30a847432cae84c7428e9b684b3e3fa49b2391"
},
{
"url": "https://git.kernel.org/stable/c/9c4bcdf4068aae3e17e31c144300be405cfa03ff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9c4bcdf4068aae3e17e31c144300be405cfa03ff"
},
{
"url": "https://git.kernel.org/stable/c/f0b4440cdc1807bb6ec3dce0d6de81170803569b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f0b4440cdc1807bb6ec3dce0d6de81170803569b"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

82
2025/37xxx/CVE-2025-37855.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37855",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Guard Possible Null Pointer Dereference\n\n[WHY]\nIn some situations, dc->res_pool may be null.\n\n[HOW]\nCheck if pointer is null before dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "dc2de1ac7145f882f3c03d2d6f84583ae7e35d41"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/dc2de1ac7145f882f3c03d2d6f84583ae7e35d41",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dc2de1ac7145f882f3c03d2d6f84583ae7e35d41"
},
{
"url": "https://git.kernel.org/stable/c/c87d202692de34ee71d1fd4679a549a29095658a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c87d202692de34ee71d1fd4679a549a29095658a"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

104
2025/37xxx/CVE-2025-37856.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37856",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: harden block_group::bg_list against list_del() races\n\nAs far as I can tell, these calls of list_del_init() on bg_list cannot\nrun concurrently with btrfs_mark_bg_unused() or btrfs_mark_bg_to_reclaim(),\nas they are in transaction error paths and situations where the block\ngroup is readonly.\n\nHowever, if there is any chance at all of racing with mark_bg_unused(),\nor a different future user of bg_list, better to be safe than sorry.\n\nOtherwise we risk the following interleaving (bg_list refcount in parens)\n\nT1 (some random op) T2 (btrfs_mark_bg_unused)\n !list_empty(&bg->bg_list); (1)\nlist_del_init(&bg->bg_list); (1)\n list_move_tail (1)\nbtrfs_put_block_group (0)\n btrfs_delete_unused_bgs\n bg = list_first_entry\n list_del_init(&bg->bg_list);\n btrfs_put_block_group(bg); (-1)\n\nUltimately, this results in a broken ref count that hits zero one deref\nearly and the real final deref underflows the refcount, resulting in a WARNING."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "bf089c4d1141b27332c092b1dcca5022c415a3b6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/bf089c4d1141b27332c092b1dcca5022c415a3b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/bf089c4d1141b27332c092b1dcca5022c415a3b6"
},
{
"url": "https://git.kernel.org/stable/c/909e60fb469d4101c6b08cf6e622efb062bb24a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/909e60fb469d4101c6b08cf6e622efb062bb24a1"
},
{
"url": "https://git.kernel.org/stable/c/185fd73e5ac06027c4be9a129e59193f6a3ef202",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/185fd73e5ac06027c4be9a129e59193f6a3ef202"
},
{
"url": "https://git.kernel.org/stable/c/7511e29cf1355b2c47d0effb39e463119913e2f6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7511e29cf1355b2c47d0effb39e463119913e2f6"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

159
2025/37xxx/CVE-2025-37857.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37857",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: st: Fix array overflow in st_setup()\n\nChange the array size to follow parms size instead of a fixed value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "736ae988bfb5932c05625baff70fba224d547c08"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/736ae988bfb5932c05625baff70fba224d547c08",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/736ae988bfb5932c05625baff70fba224d547c08"
},
{
"url": "https://git.kernel.org/stable/c/574b399a7fb6ae71c97e26d122205c4a720c0e43",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/574b399a7fb6ae71c97e26d122205c4a720c0e43"
},
{
"url": "https://git.kernel.org/stable/c/c6015d0f7a2236ddb3928b2dfcb1c556a1368b55",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c6015d0f7a2236ddb3928b2dfcb1c556a1368b55"
},
{
"url": "https://git.kernel.org/stable/c/f746fe0c51e044d1248dc67918328bfb3d86b639",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f746fe0c51e044d1248dc67918328bfb3d86b639"
},
{
"url": "https://git.kernel.org/stable/c/e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e4d1ca0a84a6650d3172eb8c07ef2fbc585b0d96"
},
{
"url": "https://git.kernel.org/stable/c/7fe3b4deed8b93609058c37c9a11df1d2b2c0423",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7fe3b4deed8b93609058c37c9a11df1d2b2c0423"
},
{
"url": "https://git.kernel.org/stable/c/e6b585d016c47ca8a37b92ea8a3fe35c0b585256",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e6b585d016c47ca8a37b92ea8a3fe35c0b585256"
},
{
"url": "https://git.kernel.org/stable/c/ad4c3037dc77739a625246a2a0fb23b8f3402c06",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ad4c3037dc77739a625246a2a0fb23b8f3402c06"
},
{
"url": "https://git.kernel.org/stable/c/a018d1cf990d0c339fe0e29b762ea5dc10567d67",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a018d1cf990d0c339fe0e29b762ea5dc10567d67"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

159
2025/37xxx/CVE-2025-37858.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37858",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 <<\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with >2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi->bmap->db_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp->db_agsize = (s64)1 << l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "dd07a985e2ded47b6c7d69fc93c1fe02977c8454"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/dd07a985e2ded47b6c7d69fc93c1fe02977c8454",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dd07a985e2ded47b6c7d69fc93c1fe02977c8454"
},
{
"url": "https://git.kernel.org/stable/c/8bb29629a5e4090e1ef7199cb42db04a52802239",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8bb29629a5e4090e1ef7199cb42db04a52802239"
},
{
"url": "https://git.kernel.org/stable/c/3d8a45f87010a802aa214bf39702ca9d99cbf3ba",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3d8a45f87010a802aa214bf39702ca9d99cbf3ba"
},
{
"url": "https://git.kernel.org/stable/c/55edbf5dbf60a8195c21e92124c4028939ae16b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/55edbf5dbf60a8195c21e92124c4028939ae16b2"
},
{
"url": "https://git.kernel.org/stable/c/7ccf3b35274512b60ecb614e0637e76bd6f2d829",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7ccf3b35274512b60ecb614e0637e76bd6f2d829"
},
{
"url": "https://git.kernel.org/stable/c/c802a6a4009f585111f903e810b3be9c6d0da329",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c802a6a4009f585111f903e810b3be9c6d0da329"
},
{
"url": "https://git.kernel.org/stable/c/211ed8f5e39e61f9e4d18edd64ce8005a67a1b2a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/211ed8f5e39e61f9e4d18edd64ce8005a67a1b2a"
},
{
"url": "https://git.kernel.org/stable/c/ec34cdf4f917cc6abd306cf091f8b8361fedac88",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ec34cdf4f917cc6abd306cf091f8b8361fedac88"
},
{
"url": "https://git.kernel.org/stable/c/7fcbf789629cdb9fbf4e2172ce31136cfed11e5e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7fcbf789629cdb9fbf4e2172ce31136cfed11e5e"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

159
2025/37xxx/CVE-2025-37859.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37859",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npage_pool: avoid infinite loop to schedule delayed worker\n\nWe noticed the kworker in page_pool_release_retry() was waken\nup repeatedly and infinitely in production because of the\nbuggy driver causing the inflight less than 0 and warning\nus in page_pool_inflight()[1].\n\nSince the inflight value goes negative, it means we should\nnot expect the whole page_pool to get back to work normally.\n\nThis patch mitigates the adverse effect by not rescheduling\nthe kworker when detecting the inflight negative in\npage_pool_release_retry().\n\n[1]\n[Mon Feb 10 20:36:11 2025] ------------[ cut here ]------------\n[Mon Feb 10 20:36:11 2025] Negative(-51446) inflight packet-pages\n...\n[Mon Feb 10 20:36:11 2025] Call Trace:\n[Mon Feb 10 20:36:11 2025] page_pool_release_retry+0x23/0x70\n[Mon Feb 10 20:36:11 2025] process_one_work+0x1b1/0x370\n[Mon Feb 10 20:36:11 2025] worker_thread+0x37/0x3a0\n[Mon Feb 10 20:36:11 2025] kthread+0x11a/0x140\n[Mon Feb 10 20:36:11 2025] ? process_one_work+0x370/0x370\n[Mon Feb 10 20:36:11 2025] ? __kthread_cancel_work+0x40/0x40\n[Mon Feb 10 20:36:11 2025] ret_from_fork+0x35/0x40\n[Mon Feb 10 20:36:11 2025] ---[ end trace ebffe800f33e7e34 ]---\nNote: before this patch, the above calltrace would flood the\ndmesg due to repeated reschedule of release_dw kworker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "c3c7c57017ce1d4b2d3788c1fc59e7e39026e158"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c3c7c57017ce1d4b2d3788c1fc59e7e39026e158",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c3c7c57017ce1d4b2d3788c1fc59e7e39026e158"
},
{
"url": "https://git.kernel.org/stable/c/9f71db4fb82deb889e0bac4a51b34daea7d506a3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9f71db4fb82deb889e0bac4a51b34daea7d506a3"
},
{
"url": "https://git.kernel.org/stable/c/91522aba56e9fcdf64da25ffef9b27f8fad48e0f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/91522aba56e9fcdf64da25ffef9b27f8fad48e0f"
},
{
"url": "https://git.kernel.org/stable/c/90e089a64504982f8d62f223027cb9f903781f78",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/90e089a64504982f8d62f223027cb9f903781f78"
},
{
"url": "https://git.kernel.org/stable/c/95f17738b86fd198924d874a5639bcdc49c7e5b8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/95f17738b86fd198924d874a5639bcdc49c7e5b8"
},
{
"url": "https://git.kernel.org/stable/c/7204335d1991c23fc615ab76f31f175748a578e1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7204335d1991c23fc615ab76f31f175748a578e1"
},
{
"url": "https://git.kernel.org/stable/c/e74e5aa33228c5e2cb4fc80ad103541a7b7805ec",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e74e5aa33228c5e2cb4fc80ad103541a7b7805ec"
},
{
"url": "https://git.kernel.org/stable/c/738d1812ec2e395e953258aea912ddd867d11a13",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/738d1812ec2e395e953258aea912ddd867d11a13"
},
{
"url": "https://git.kernel.org/stable/c/43130d02baa137033c25297aaae95fd0edc41654",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/43130d02baa137033c25297aaae95fd0edc41654"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

104
2025/37xxx/CVE-2025-37861.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37861",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue\n\nWhen the task management thread processes reply queues while the reset\nthread resets them, the task management thread accesses an invalid queue ID\n(0xFFFF), set by the reset thread, which points to unallocated memory,\ncausing a crash.\n\nAdd flag 'io_admin_reset_sync' to synchronize access between the reset,\nI/O, and admin threads. Before a reset, the reset handler sets this flag to\nblock I/O and admin processing threads. If any thread bypasses the initial\ncheck, the reset thread waits up to 10 seconds for processing to finish. If\nthe wait exceeds 10 seconds, the controller is marked as unrecoverable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "65ba18c84dbd03afe9b38c06c151239d97a09834"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/65ba18c84dbd03afe9b38c06c151239d97a09834",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/65ba18c84dbd03afe9b38c06c151239d97a09834"
},
{
"url": "https://git.kernel.org/stable/c/8d310d66e2b0f5f9f709764641647e8a3a4924fa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8d310d66e2b0f5f9f709764641647e8a3a4924fa"
},
{
"url": "https://git.kernel.org/stable/c/75b67dca4195e11ccf966a704787b2aa2754a457",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/75b67dca4195e11ccf966a704787b2aa2754a457"
},
{
"url": "https://git.kernel.org/stable/c/f195fc060c738d303a21fae146dbf85e1595fb4c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f195fc060c738d303a21fae146dbf85e1595fb4c"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

159
2025/37xxx/CVE-2025-37862.json
View File

@ -1,18 +1,169 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37862",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn't implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "44a1b8b2027afbb37e418993fb23561bdb9efb38"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.24",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.13.12",
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.3",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/44a1b8b2027afbb37e418993fb23561bdb9efb38",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/44a1b8b2027afbb37e418993fb23561bdb9efb38"
},
{
"url": "https://git.kernel.org/stable/c/d230becb9d38b7325c5c38d051693e4c26b1829b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d230becb9d38b7325c5c38d051693e4c26b1829b"
},
{
"url": "https://git.kernel.org/stable/c/6b4449e4f03326fbd2136e67bfcc1e6ffe61541d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6b4449e4f03326fbd2136e67bfcc1e6ffe61541d"
},
{
"url": "https://git.kernel.org/stable/c/ddb147885225d768025f6818df533d30edf3e102",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ddb147885225d768025f6818df533d30edf3e102"
},
{
"url": "https://git.kernel.org/stable/c/be706a48bb7896d4130edc82811233d1d62158e7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/be706a48bb7896d4130edc82811233d1d62158e7"
},
{
"url": "https://git.kernel.org/stable/c/f8f4d77710e1c38f4a2bd26c88c4878b5b5e817a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f8f4d77710e1c38f4a2bd26c88c4878b5b5e817a"
},
{
"url": "https://git.kernel.org/stable/c/3a507184f9307e19cb441b897c49e7843c94e56b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3a507184f9307e19cb441b897c49e7843c94e56b"
},
{
"url": "https://git.kernel.org/stable/c/e368698da79af821f18c099520deab1219c2044b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e368698da79af821f18c099520deab1219c2044b"
},
{
"url": "https://git.kernel.org/stable/c/22a05462c3d0eee15154faf8d13c49e6295270a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/22a05462c3d0eee15154faf8d13c49e6295270a5"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

119
2025/37xxx/CVE-2025-37863.json
View File

@ -1,18 +1,129 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37863",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: don't allow datadir only\n\nIn theory overlayfs could support upper layer directly referring to a data\nlayer, but there's no current use case for this.\n\nOriginally, when data-only layers were introduced, this wasn't allowed,\nonly introduced by the \"datadir+\" feature, but without actually handling\nthis case, resulting in an Oops.\n\nFix by disallowing datadir without lowerdir."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "cc0918b3582c98f12cfb30bf7496496d14bff3e9",
"version_value": "0874b629f65320778e7e3e206177770666d9db18"
},
{
"version_affected": "<",
"version_name": "24e16e385f2272b1a9df51337a5c32d28a29c7ad",
"version_value": "b9e3579213ba648fa23f780e8d53e99011c62331"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0874b629f65320778e7e3e206177770666d9db18",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0874b629f65320778e7e3e206177770666d9db18"
},
{
"url": "https://git.kernel.org/stable/c/b9e3579213ba648fa23f780e8d53e99011c62331",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b9e3579213ba648fa23f780e8d53e99011c62331"
},
{
"url": "https://git.kernel.org/stable/c/21d2ffb0e9838a175064c22f3a9de97d1f56f27d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/21d2ffb0e9838a175064c22f3a9de97d1f56f27d"
},
{
"url": "https://git.kernel.org/stable/c/eb3a04a8516ee9b5174379306f94279fc90424c4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/eb3a04a8516ee9b5174379306f94279fc90424c4"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37864.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37864",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: clean up FDB, MDB, VLAN entries on unbind\n\nAs explained in many places such as commit b117e1e8a86d (\"net: dsa:\ndelete dsa_legacy_fdb_add and dsa_legacy_fdb_del\"), DSA is written given\nthe assumption that higher layers have balanced additions/deletions.\nAs such, it only makes sense to be extremely vocal when those\nassumptions are violated and the driver unbinds with entries still\npresent.\n\nBut Ido Schimmel points out a very simple situation where that is wrong:\nhttps://lore.kernel.org/netdev/ZDazSM5UsPPjQuKr@shredder/\n(also briefly discussed by me in the aforementioned commit).\n\nBasically, while the bridge bypass operations are not something that DSA\nexplicitly documents, and for the majority of DSA drivers this API\nsimply causes them to go to promiscuous mode, that isn't the case for\nall drivers. Some have the necessary requirements for bridge bypass\noperations to do something useful - see dsa_switch_supports_uc_filtering().\n\nAlthough in tools/testing/selftests/net/forwarding/local_termination.sh,\nwe made an effort to popularize better mechanisms to manage address\nfilters on DSA interfaces from user space - namely macvlan for unicast,\nand setsockopt(IP_ADD_MEMBERSHIP) - through mtools - for multicast, the\nfact is that 'bridge fdb add ... self static local' also exists as\nkernel UAPI, and might be useful to someone, even if only for a quick\nhack.\n\nIt seems counter-productive to block that path by implementing shim\n.ndo_fdb_add and .ndo_fdb_del operations which just return -EOPNOTSUPP\nin order to prevent the ndo_dflt_fdb_add() and ndo_dflt_fdb_del() from\nrunning, although we could do that.\n\nAccepting that cleanup is necessary seems to be the only option.\nEspecially since we appear to be coming back at this from a different\nangle as well. Russell King is noticing that the WARN_ON() triggers even\nfor VLANs:\nhttps://lore.kernel.org/netdev/Z_li8Bj8bD4-BYKQ@shell.armlinux.org.uk/\n\nWhat happens in the bug report above is that dsa_port_do_vlan_del() fails,\nthen the VLAN entry lingers on, and then we warn on unbind and leak it.\n\nThis is not a straight revert of the blamed commit, but we now add an\ninformational print to the kernel log (to still have a way to see\nthat bugs exist), and some extra comments gathered from past years'\nexperience, to justify the logic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0832cd9f1f023226527e95002d537123061ddac4",
"version_value": "86c6613a69bca815f1865ed8cedfd4b9142621ab"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/86c6613a69bca815f1865ed8cedfd4b9142621ab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/86c6613a69bca815f1865ed8cedfd4b9142621ab"
},
{
"url": "https://git.kernel.org/stable/c/8fcc1e6f808912977caf17366c625b95dc29ba4f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8fcc1e6f808912977caf17366c625b95dc29ba4f"
},
{
"url": "https://git.kernel.org/stable/c/99c50c98803425378e08a7394dc885506dc85f06",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/99c50c98803425378e08a7394dc885506dc85f06"
},
{
"url": "https://git.kernel.org/stable/c/7afb5fb42d4950f33af2732b8147c552659f79b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7afb5fb42d4950f33af2732b8147c552659f79b7"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

125
2025/37xxx/CVE-2025-37865.json
View File

@ -1,18 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37865",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported\n\nRussell King reports that on the ZII dev rev B, deleting a bridge VLAN\nfrom a user port fails with -ENOENT:\nhttps://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/\n\nThis comes from mv88e6xxx_port_vlan_leave() -> mv88e6xxx_mst_put(),\nwhich tries to find an MST entry in &chip->msts associated with the SID,\nbut fails and returns -ENOENT as such.\n\nBut we know that this chip does not support MST at all, so that is not\nsurprising. The question is why does the guard in mv88e6xxx_mst_put()\nnot exit early:\n\n\tif (!sid)\n\t\treturn 0;\n\nAnd the answer seems to be simple: the sid comes from vlan.sid which\nsupposedly was previously populated by mv88e6xxx_vtu_get().\nBut some chip->info->ops->vtu_getnext() implementations do not populate\nvlan.sid, for example see mv88e6185_g1_vtu_getnext(). In that case,\nlater in mv88e6xxx_port_vlan_leave() we are using a garbage sid which is\njust residual stack memory.\n\nTesting for sid == 0 covers all cases of a non-bridge VLAN or a bridge\nVLAN mapped to the default MSTI. For some chips, SID 0 is valid and\ninstalled by mv88e6xxx_stu_setup(). A chip which does not support the\nSTU would implicitly only support mapping all VLANs to the default MSTI,\nso although SID 0 is not valid, it would be sufficient, if we were to\nzero-initialize the vlan structure, to fix the bug, due to the\ncoincidence that a test for vlan.sid == 0 already exists and leads to\nthe same (correct) behavior.\n\nAnother option which would be sufficient would be to add a test for\nmv88e6xxx_has_stu() inside mv88e6xxx_mst_put(), symmetric to the one\nwhich already exists in mv88e6xxx_mst_get(). But that placement means\nthe caller will have to dereference vlan.sid, which means it will access\nuninitialized memory, which is not nice even if it ignores it later.\n\nSo we end up making both modifications, in order to not rely just on the\nsid == 0 coincidence, but also to avoid having uninitialized structure\nfields which might get temporarily accessed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "acaf4d2e36b3466334af4d3ee6ac254c3316165c",
"version_value": "35cde75c08a1fa1a5ac0467afe2709caceeef002"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.18",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.18",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/35cde75c08a1fa1a5ac0467afe2709caceeef002",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/35cde75c08a1fa1a5ac0467afe2709caceeef002"
},
{
"url": "https://git.kernel.org/stable/c/afae9087301471970254a9180e5a26d3d8e8af09",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/afae9087301471970254a9180e5a26d3d8e8af09"
},
{
"url": "https://git.kernel.org/stable/c/9ee6d3a368ed34f2457863da3085c676e9e37a3d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ee6d3a368ed34f2457863da3085c676e9e37a3d"
},
{
"url": "https://git.kernel.org/stable/c/9da4acbd60664271d34a627f7f63cd5bad8eba74",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9da4acbd60664271d34a627f7f63cd5bad8eba74"
},
{
"url": "https://git.kernel.org/stable/c/ea08dfc35f83cfc73493c52f63ae4f2e29edfe8d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ea08dfc35f83cfc73493c52f63ae4f2e29edfe8d"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

92
2025/37xxx/CVE-2025-37866.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37866",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show()\n\nA warning is seen when running the latest kernel on a BlueField SOC:\n[251.512704] ------------[ cut here ]------------\n[251.512711] invalid sysfs_emit: buf:0000000003aa32ae\n[251.512720] WARNING: CPU: 1 PID: 705264 at fs/sysfs/file.c:767 sysfs_emit+0xac/0xc8\n\nThe warning is triggered because the mlxbf-bootctl driver invokes\n\"sysfs_emit()\" with a buffer pointer that is not aligned to the\nstart of the page. The driver should instead use \"sysfs_emit_at()\"\nto support non-zero offsets into the destination buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9886f575de5aefcfab537467c72e5176e5301df0",
"version_value": "5e1dcc5bfd7a2896178c604bc69d6ab9650967da"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/5e1dcc5bfd7a2896178c604bc69d6ab9650967da",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/5e1dcc5bfd7a2896178c604bc69d6ab9650967da"
},
{
"url": "https://git.kernel.org/stable/c/b129005ddfc0e6daf04a6d3b928a9e474f9b3918",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b129005ddfc0e6daf04a6d3b928a9e474f9b3918"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

147
2025/37xxx/CVE-2025-37867.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37867",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"version_value": "f94ac90ce7bd6f9266ad0d99044ed86e8d1416c1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/f94ac90ce7bd6f9266ad0d99044ed86e8d1416c1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f94ac90ce7bd6f9266ad0d99044ed86e8d1416c1"
},
{
"url": "https://git.kernel.org/stable/c/791daf8240cedf27af8794038ae1d32ef643bce6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/791daf8240cedf27af8794038ae1d32ef643bce6"
},
{
"url": "https://git.kernel.org/stable/c/6c588e9afbab240c921f936cb676dac72e2e2b66",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6c588e9afbab240c921f936cb676dac72e2e2b66"
},
{
"url": "https://git.kernel.org/stable/c/ae470d06320dea4002d441784d691f0a26b4322d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ae470d06320dea4002d441784d691f0a26b4322d"
},
{
"url": "https://git.kernel.org/stable/c/0d81bb58a203ad5f4044dc18cfbc230c194f650a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0d81bb58a203ad5f4044dc18cfbc230c194f650a"
},
{
"url": "https://git.kernel.org/stable/c/f476eba25fdf70faa7b19a3e0fb00e65c5b53106",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f476eba25fdf70faa7b19a3e0fb00e65c5b53106"
},
{
"url": "https://git.kernel.org/stable/c/9a0e6f15029e1a8a21e40f06fd05aa52b7f063de",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9a0e6f15029e1a8a21e40f06fd05aa52b7f063de"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

112
2025/37xxx/CVE-2025-37868.json
View File

@ -1,18 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37868",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/userptr: fix notifier vs folio deadlock\n\nUser is reporting what smells like notifier vs folio deadlock, where\nmigrate_pages_batch() on core kernel side is holding folio lock(s) and\nthen interacting with the mappings of it, however those mappings are\ntied to some userptr, which means calling into the notifier callback and\ngrabbing the notifier lock. With perfect timing it looks possible that\nthe pages we pulled from the hmm fault can get sniped by\nmigrate_pages_batch() at the same time that we are holding the notifier\nlock to mark the pages as accessed/dirty, but at this point we also want\nto grab the folio locks(s) to mark them as dirty, but if they are\ncontended from notifier/migrate_pages_batch side then we deadlock since\nfolio lock won't be dropped until we drop the notifier lock.\n\nFortunately the mark_page_accessed/dirty is not really needed in the\nfirst place it seems and should have already been done by hmm fault, so\njust remove it.\n\n(cherry picked from commit bd7c0cb695e87c0e43247be8196b4919edbe0e85)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2a24c98f0e4cc994334598d4f3a851972064809d",
"version_value": "65dc4e3d5b01db0179fc95c1f0bdb87194c28ab5"
},
{
"version_affected": "<",
"version_name": "0a98219bcc961edd3388960576e4353e123b4a51",
"version_value": "90574ecf6052be83971d91d16600c5cf07003bbb"
},
{
"version_affected": "=",
"version_value": "f9326f529da7298a95643c3267f1c0fdb0db55eb"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.14",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.14",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/65dc4e3d5b01db0179fc95c1f0bdb87194c28ab5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/65dc4e3d5b01db0179fc95c1f0bdb87194c28ab5"
},
{
"url": "https://git.kernel.org/stable/c/90574ecf6052be83971d91d16600c5cf07003bbb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/90574ecf6052be83971d91d16600c5cf07003bbb"
},
{
"url": "https://git.kernel.org/stable/c/2577b202458cddff85cc154b1fe7f313e0d1f418",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2577b202458cddff85cc154b1fe7f313e0d1f418"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

103
2025/37xxx/CVE-2025-37869.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37869",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use local fence in error path of xe_migrate_clear\n\nThe intent of the error path in xe_migrate_clear is to wait on locally\ngenerated fence and then return. The code is waiting on m->fence which\ncould be the local fence but this is only stable under the job mutex\nleading to a possible UAF. Fix code to wait on local fence.\n\n(cherry picked from commit 762b7e95362170b3e13a8704f38d5e47eca4ba74)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "dd08ebf6c3525a7ea2186e636df064ea47281987",
"version_value": "2ac5f466f62892a7d1ac2d1a3eb6cd14efbe2f2d"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2ac5f466f62892a7d1ac2d1a3eb6cd14efbe2f2d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ac5f466f62892a7d1ac2d1a3eb6cd14efbe2f2d"
},
{
"url": "https://git.kernel.org/stable/c/dc712938aa26b001f448d5e93f59d57fa80f2dbd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/dc712938aa26b001f448d5e93f59d57fa80f2dbd"
},
{
"url": "https://git.kernel.org/stable/c/20659d3150f1a2a258a173fe011013178ff2a197",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20659d3150f1a2a258a173fe011013178ff2a197"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

93
2025/37xxx/CVE-2025-37870.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37870",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "0363c03672cd3191f037905bf981eb523a3b71b1"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0363c03672cd3191f037905bf981eb523a3b71b1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0363c03672cd3191f037905bf981eb523a3b71b1"
},
{
"url": "https://git.kernel.org/stable/c/04bf4f2a497e9877c425c5124652e61fb8a1a0aa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/04bf4f2a497e9877c425c5124652e61fb8a1a0aa"
},
{
"url": "https://git.kernel.org/stable/c/8058061ed9d6bc259d1e678607b07d259342c08f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8058061ed9d6bc259d1e678607b07d259342c08f"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

181
2025/37xxx/CVE-2025-37871.json
View File

@ -1,18 +1,191 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37871",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx->flc_lock\n spin_lock // clp->cl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx->flc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp->cl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --> destroy_delegation --> destroy_unhashed_deleg -->\nnfs4_unlock_deleg_lease --> kernel_setlease --> generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "b874cdef4e67e5150e07eff0eae1cbb21fb92da1",
"version_value": "b9bbe8f9d5663311d06667ce36d6ed255ead1a26"
},
{
"version_affected": "<",
"version_name": "cdb796137c57e68ca34518d53be53b679351eb86",
"version_value": "a70832d3555987035fc430ccd703acd89393eadb"
},
{
"version_affected": "<",
"version_name": "d96587cc93ec369031bcd7658c6adc719873c9fd",
"version_value": "ba903539fff745d592d893c71b30e5e268a95413"
},
{
"version_affected": "<",
"version_name": "9a81cde8c7ce65dd90fb47ceea93a45fc1a2fbd1",
"version_value": "7d192e27a431026c58d60edf66dc6cd98d0c01fc"
},
{
"version_affected": "<",
"version_name": "cad3479b63661a399c9df1d0b759e1806e2df3c8",
"version_value": "a7fce086f6ca84db409b9d58493ea77c1978897c"
},
{
"version_affected": "<",
"version_name": "133f5e2a37ce08c82d24e8fba65e0a81deae4609",
"version_value": "14985d66b9b99c12995dd99d1c6c8dec4114c2a5"
},
{
"version_affected": "<",
"version_name": "230ca758453c63bd38e4d9f4a21db698f7abada8",
"version_value": "a1d14d931bf700c1025db8c46d6731aa5cf440f9"
},
{
"version_affected": "=",
"version_value": "63b91c8ff4589f5263873b24c052447a28e10ef7"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.15-rc1",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.15-rc1",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b9bbe8f9d5663311d06667ce36d6ed255ead1a26",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b9bbe8f9d5663311d06667ce36d6ed255ead1a26"
},
{
"url": "https://git.kernel.org/stable/c/a70832d3555987035fc430ccd703acd89393eadb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a70832d3555987035fc430ccd703acd89393eadb"
},
{
"url": "https://git.kernel.org/stable/c/ba903539fff745d592d893c71b30e5e268a95413",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ba903539fff745d592d893c71b30e5e268a95413"
},
{
"url": "https://git.kernel.org/stable/c/7d192e27a431026c58d60edf66dc6cd98d0c01fc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7d192e27a431026c58d60edf66dc6cd98d0c01fc"
},
{
"url": "https://git.kernel.org/stable/c/a7fce086f6ca84db409b9d58493ea77c1978897c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a7fce086f6ca84db409b9d58493ea77c1978897c"
},
{
"url": "https://git.kernel.org/stable/c/14985d66b9b99c12995dd99d1c6c8dec4114c2a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/14985d66b9b99c12995dd99d1c6c8dec4114c2a5"
},
{
"url": "https://git.kernel.org/stable/c/a1d14d931bf700c1025db8c46d6731aa5cf440f9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1d14d931bf700c1025db8c46d6731aa5cf440f9"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

103
2025/37xxx/CVE-2025-37872.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37872",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: txgbe: fix memory leak in txgbe_probe() error path\n\nWhen txgbe_sw_init() is called, memory is allocated for wx->rss_key\nin wx_init_rss_key(). However, in txgbe_probe() function, the subsequent\nerror paths after txgbe_sw_init() don't free the rss_key. Fix that by\nfreeing it in error path along with wx->mac_table.\n\nAlso change the label to which execution jumps when txgbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "937d46ecc5f941b26270bdf7ce37495f12b25955",
"version_value": "635863d93deb8e352d63a8eba852efeaf1ac3539"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/635863d93deb8e352d63a8eba852efeaf1ac3539",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/635863d93deb8e352d63a8eba852efeaf1ac3539"
},
{
"url": "https://git.kernel.org/stable/c/837197a722919f5b0eeb967fe7cb0cc1e83173b9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/837197a722919f5b0eeb967fe7cb0cc1e83173b9"
},
{
"url": "https://git.kernel.org/stable/c/b2727326d0a53709380aa147018085d71a6d4843",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b2727326d0a53709380aa147018085d71a6d4843"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

103
2025/37xxx/CVE-2025-37873.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37873",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6d1add95536bafe585c500ad8114af7ed4225a0f",
"version_value": "21e70f694bc0dcb40174b0940cc52a7769fc19e0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.8",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.8",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/21e70f694bc0dcb40174b0940cc52a7769fc19e0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/21e70f694bc0dcb40174b0940cc52a7769fc19e0"
},
{
"url": "https://git.kernel.org/stable/c/3742c55de00266fa7c8fd2c5d61a453d223a9cd1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3742c55de00266fa7c8fd2c5d61a453d223a9cd1"
},
{
"url": "https://git.kernel.org/stable/c/12f2d033fae957d84c2c0ce604d2a077e61fa2c0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/12f2d033fae957d84c2c0ce604d2a077e61fa2c0"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37874.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37874",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx->rss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don't free the rss_key. Fix that by\nfreeing it in error path along with wx->mac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "02338c484ab6250b81f0266ffb40d53c3efe0f47",
"version_value": "7c2b66a31c7a4866400f7e6fb43cb32021bfca01"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7c2b66a31c7a4866400f7e6fb43cb32021bfca01",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7c2b66a31c7a4866400f7e6fb43cb32021bfca01"
},
{
"url": "https://git.kernel.org/stable/c/8335a3feb9d0d97e5e8f76d38b6bb8573d5b4a29",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8335a3feb9d0d97e5e8f76d38b6bb8573d5b4a29"
},
{
"url": "https://git.kernel.org/stable/c/397487338eff1891c4654ce7deaafbf72a1688b2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/397487338eff1891c4654ce7deaafbf72a1688b2"
},
{
"url": "https://git.kernel.org/stable/c/88fa80021b77732bc98f73fb69d69c7cc37b9f0d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/88fa80021b77732bc98f73fb69d69c7cc37b9f0d"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

136
2025/37xxx/CVE-2025-37875.json
View File

@ -1,18 +1,146 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37875",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status 'valid' bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM 'trigger' and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn't handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "a90ec84837325df4b9a6798c2cc0df202b5680bd",
"version_value": "c1f174edaccc5a00f8e218c42a0aa9156efd5f76"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.135",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.88",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.25",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.4",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/c1f174edaccc5a00f8e218c42a0aa9156efd5f76",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c1f174edaccc5a00f8e218c42a0aa9156efd5f76"
},
{
"url": "https://git.kernel.org/stable/c/0c03e4fbe1321697d9d04587e21e416705e1b19f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0c03e4fbe1321697d9d04587e21e416705e1b19f"
},
{
"url": "https://git.kernel.org/stable/c/16194ca3f3b4448a062650c869a7b3b206c6f5d3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/16194ca3f3b4448a062650c869a7b3b206c6f5d3"
},
{
"url": "https://git.kernel.org/stable/c/f3516229cd12dcd45f23ed01adab17e8772b1bd5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f3516229cd12dcd45f23ed01adab17e8772b1bd5"
},
{
"url": "https://git.kernel.org/stable/c/31959e06143692f7e02b8eef7d7d6ac645637906",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/31959e06143692f7e02b8eef7d7d6ac645637906"
},
{
"url": "https://git.kernel.org/stable/c/8e404ad95d2c10c261e2ef6992c7c12dde03df0e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8e404ad95d2c10c261e2ef6992c7c12dde03df0e"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

93
2025/37xxx/CVE-2025-37876.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37876",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Only create /proc/fs/netfs with CONFIG_PROC_FS\n\nWhen testing a special config:\n\nCONFIG_NETFS_SUPPORTS=y\nCONFIG_PROC_FS=n\n\nThe system crashes with something like:\n\n[ 3.766197] ------------[ cut here ]------------\n[ 3.766484] kernel BUG at mm/mempool.c:560!\n[ 3.766789] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 3.767123] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W\n[ 3.767777] Tainted: [W]=WARN\n[ 3.767968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n[ 3.768523] RIP: 0010:mempool_alloc_slab.cold+0x17/0x19\n[ 3.768847] Code: 50 fe ff 58 5b 5d 41 5c 41 5d 41 5e 41 5f e9 93 95 13 00\n[ 3.769977] RSP: 0018:ffffc90000013998 EFLAGS: 00010286\n[ 3.770315] RAX: 000000000000002f RBX: ffff888100ba8640 RCX: 0000000000000000\n[ 3.770749] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000ffffffff\n[ 3.771217] RBP: 0000000000092880 R08: 0000000000000000 R09: ffffc90000013828\n[ 3.771664] R10: 0000000000000001 R11: 00000000ffffffea R12: 0000000000092cc0\n[ 3.772117] R13: 0000000000000400 R14: ffff8881004b1620 R15: ffffea0004ef7e40\n[ 3.772554] FS: 0000000000000000(0000) GS:ffff8881b5f3c000(0000) knlGS:0000000000000000\n[ 3.773061] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.773443] CR2: ffffffff830901b4 CR3: 0000000004296001 CR4: 0000000000770ef0\n[ 3.773884] PKRU: 55555554\n[ 3.774058] Call Trace:\n[ 3.774232] <TASK>\n[ 3.774371] mempool_alloc_noprof+0x6a/0x190\n[ 3.774649] ? _printk+0x57/0x80\n[ 3.774862] netfs_alloc_request+0x85/0x2ce\n[ 3.775147] netfs_readahead+0x28/0x170\n[ 3.775395] read_pages+0x6c/0x350\n[ 3.775623] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 3.775928] page_cache_ra_unbounded+0x1bd/0x2a0\n[ 3.776247] filemap_get_pages+0x139/0x970\n[ 3.776510] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 3.776820] filemap_read+0xf9/0x580\n[ 3.777054] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 3.777368] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 3.777674] ? find_held_lock+0x32/0x90\n[ 3.777929] ? netfs_start_io_read+0x19/0x70\n[ 3.778221] ? netfs_start_io_read+0x19/0x70\n[ 3.778489] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 3.778800] ? lock_acquired+0x1e6/0x450\n[ 3.779054] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 3.779379] netfs_buffered_read_iter+0x57/0x80\n[ 3.779670] __kernel_read+0x158/0x2c0\n[ 3.779927] bprm_execve+0x300/0x7a0\n[ 3.780185] kernel_execve+0x10c/0x140\n[ 3.780423] ? __pfx_kernel_init+0x10/0x10\n[ 3.780690] kernel_init+0xd5/0x150\n[ 3.780910] ret_from_fork+0x2d/0x50\n[ 3.781156] ? __pfx_kernel_init+0x10/0x10\n[ 3.781414] ret_from_fork_asm+0x1a/0x30\n[ 3.781677] </TASK>\n[ 3.781823] Modules linked in:\n[ 3.782065] ---[ end trace 0000000000000000 ]---\n\nThis is caused by the following error path in netfs_init():\n\n if (!proc_mkdir(\"fs/netfs\", NULL))\n goto error_proc;\n\nFix this by adding ifdef in netfs_main(), so that /proc/fs/netfs is only\ncreated with CONFIG_PROC_FS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "2ef6eea2efce01d1956ace483216f6b6e26330c9"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc3",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2ef6eea2efce01d1956ace483216f6b6e26330c9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ef6eea2efce01d1956ace483216f6b6e26330c9"
},
{
"url": "https://git.kernel.org/stable/c/6c4c5e0b96a90f2a11c378e66edc1f25165e10b6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6c4c5e0b96a90f2a11c378e66edc1f25165e10b6"
},
{
"url": "https://git.kernel.org/stable/c/40cb48eba3b4b79e110c1a35d33a48cac54507a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/40cb48eba3b4b79e110c1a35d33a48cac54507a2"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

93
2025/37xxx/CVE-2025-37877.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37877",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Clear iommu-dma ops on cleanup\n\nIf iommu_device_register() encounters an error, it can end up tearing\ndown already-configured groups and default domains, however this\ncurrently still leaves devices hooked up to iommu-dma (and even\nhistorically the behaviour in this area was at best inconsistent across\narchitectures/drivers...) Although in the case that an IOMMU is present\nwhose driver has failed to probe, users cannot necessarily expect DMA to\nwork anyway, it's still arguable that we should do our best to put\nthings back as if the IOMMU driver was never there at all, and certainly\nthe potential for crashing in iommu-dma itself is undesirable. Make sure\nwe clean up the dev->dma_iommu flag along with everything else."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "b14d98641312d972bb3f38e82eddf92898522389"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82eddf92898522389",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82eddf92898522389"
},
{
"url": "https://git.kernel.org/stable/c/104a84276821aed0ed241ce0d82d6c3267e3fcb8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/104a84276821aed0ed241ce0d82d6c3267e3fcb8"
},
{
"url": "https://git.kernel.org/stable/c/280e5a30100578106a4305ce0118e0aa9b866f12",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/280e5a30100578106a4305ce0118e0aa9b866f12"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

104
2025/37xxx/CVE-2025-37878.json
View File

@ -1,18 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37878",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Fix WARN_ON(!ctx) in __free_event() for partial init\n\nMove the get_ctx(child_ctx) call and the child_event->ctx assignment to\noccur immediately after the child event is allocated. Ensure that\nchild_event->ctx is non-NULL before any subsequent error path within\ninherit_event calls free_event(), satisfying the assumptions of the\ncleanup code.\n\nDetails:\n\nThere's no clear Fixes tag, because this bug is a side-effect of\nmultiple interacting commits over time (up to 15 years old), not\na single regression.\n\nThe code initially incremented refcount then assigned context\nimmediately after the child_event was created. Later, an early\nvalidity check for child_event was added before the\nrefcount/assignment. Even later, a WARN_ON_ONCE() cleanup check was\nadded, assuming event->ctx is valid if the pmu_ctx is valid.\nThe problem is that the WARN_ON_ONCE() could trigger after the initial\ncheck passed but before child_event->ctx was assigned, violating its\nprecondition. The solution is to assign child_event->ctx right after\nits initial validation. This ensures the context exists for any\nsubsequent checks or cleanup routines, resolving the WARN_ON_ONCE().\n\nTo resolve it, defer the refcount update and child_event->ctx assignment\ndirectly after child_event->pmu_ctx is set but before checking if the\nparent event is orphaned. The cleanup routine depends on\nevent->pmu_ctx being non-NULL before it verifies event->ctx is\nnon-NULL. This also maintains the author's original intent of passing\nin child_ctx to find_get_pmu_context before its refcount/assignment.\n\n[ mingo: Expanded the changelog from another email by Gabriel Shahrouzi. ]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "1fe9b92eede32574dbe05b5bdb6ad666b350bed0"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1fe9b92eede32574dbe05b5bdb6ad666b350bed0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1fe9b92eede32574dbe05b5bdb6ad666b350bed0"
},
{
"url": "https://git.kernel.org/stable/c/90dc6c1e3b200812da8d0aa030e1b7fda8226d0e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/90dc6c1e3b200812da8d0aa030e1b7fda8226d0e"
},
{
"url": "https://git.kernel.org/stable/c/cb56cd11feabf99e08bc18960700a53322ffcea7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cb56cd11feabf99e08bc18960700a53322ffcea7"
},
{
"url": "https://git.kernel.org/stable/c/0ba3a4ab76fd3367b9cb680cad70182c896c795c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0ba3a4ab76fd3367b9cb680cad70182c896c795c"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

115
2025/37xxx/CVE-2025-37879.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37879",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) <= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 > 3)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "468ff4a7c61fb811c596a7c44b6a5455e40fd12b"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.136",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/468ff4a7c61fb811c596a7c44b6a5455e40fd12b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/468ff4a7c61fb811c596a7c44b6a5455e40fd12b"
},
{
"url": "https://git.kernel.org/stable/c/a68768e280b7d0c967ea509e791bb9b90adc94a5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a68768e280b7d0c967ea509e791bb9b90adc94a5"
},
{
"url": "https://git.kernel.org/stable/c/c548f95688e2b5ae0e2ae43d53cf717156c7d034",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c548f95688e2b5ae0e2ae43d53cf717156c7d034"
},
{
"url": "https://git.kernel.org/stable/c/374e4cd75617c8c2552f562f39dd989583f5c330",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/374e4cd75617c8c2552f562f39dd989583f5c330"
},
{
"url": "https://git.kernel.org/stable/c/d0259a856afca31d699b706ed5e2adf11086c73b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d0259a856afca31d699b706ed5e2adf11086c73b"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

93
2025/37xxx/CVE-2025-37880.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37880",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\num: work around sched_yield not yielding in time-travel mode\n\nsched_yield by a userspace may not actually cause scheduling in\ntime-travel mode as no time has passed. In the case seen it appears to\nbe a badly implemented userspace spinlock in ASAN. Unfortunately, with\ntime-travel it causes an extreme slowdown or even deadlock depending on\nthe kernel configuration (CONFIG_UML_MAX_USERSPACE_ITERATIONS).\n\nWork around it by accounting time to the process whenever it executes a\nsched_yield syscall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "da780c4a075ba2deb05ae29f0af4a990578c7901"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/da780c4a075ba2deb05ae29f0af4a990578c7901",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/da780c4a075ba2deb05ae29f0af4a990578c7901"
},
{
"url": "https://git.kernel.org/stable/c/990ddc65173776f1e01e7135d8c1fd5f8fd4d5d2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/990ddc65173776f1e01e7135d8c1fd5f8fd4d5d2"
},
{
"url": "https://git.kernel.org/stable/c/887c5c12e80c8424bd471122d2e8b6b462e12874",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/887c5c12e80c8424bd471122d2e8b6b462e12874"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

148
2025/37xxx/CVE-2025-37881.json
View File

@ -1,18 +1,158 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37881",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d->name, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "a777ccfb9ba8d43f745e41b69ba39d4a506a081e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.293",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.136",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a777ccfb9ba8d43f745e41b69ba39d4a506a081e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a777ccfb9ba8d43f745e41b69ba39d4a506a081e"
},
{
"url": "https://git.kernel.org/stable/c/c8d4faf452a627f9b09c3a5c366133a19e5b7a28",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c8d4faf452a627f9b09c3a5c366133a19e5b7a28"
},
{
"url": "https://git.kernel.org/stable/c/d26a6093d52904cacdbb75424c323c19b443a890",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d26a6093d52904cacdbb75424c323c19b443a890"
},
{
"url": "https://git.kernel.org/stable/c/36d68151712e525450f0fbb3045e7110f0d9b610",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/36d68151712e525450f0fbb3045e7110f0d9b610"
},
{
"url": "https://git.kernel.org/stable/c/cfa7984f69359761b07a7831c1258c0fde1e0389",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cfa7984f69359761b07a7831c1258c0fde1e0389"
},
{
"url": "https://git.kernel.org/stable/c/052fb65335befeae8500e88d69ea022266baaf6d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/052fb65335befeae8500e88d69ea022266baaf6d"
},
{
"url": "https://git.kernel.org/stable/c/61006ca381b4d65d2b8ca695ea8da1ce18d6dee3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/61006ca381b4d65d2b8ca695ea8da1ce18d6dee3"
},
{
"url": "https://git.kernel.org/stable/c/8c75f3e6a433d92084ad4e78b029ae680865420f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8c75f3e6a433d92084ad4e78b029ae680865420f"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

93
2025/37xxx/CVE-2025-37882.json
View File

@ -1,18 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37882",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix isochronous Ring Underrun/Overrun event handling\n\nThe TRB pointer of these events points at enqueue at the time of error\noccurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we\nare handling the event, a new TD may be queued at this ring position.\n\nI can trigger this race by rising interrupt moderation to increase IRQ\nhandling delay. Similar delay may occur naturally due to system load.\n\nIf this ever happens after a Missed Service Error, missed TDs will be\nskipped and the new TD processed as if it matched the event. It could\nbe given back prematurely, risking data loss or buffer UAF by the xHC.\n\nDon't complete TDs on xrun events and don't warn if queued TDs don't\nmatch the event's TRB pointer, which can be NULL or a link/no-op TRB.\nDon't warn if there are no queued TDs at all.\n\nNow that it's safe, also handle xrun events if the skip flag is clear.\nThis ensures completion of any TD stuck in 'error mid TD' state right\nbefore the xrun event, which could happen if a driver submits a finite\nnumber of URBs to a buggy HC and then an error occurs on the last TD."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "16a7a8e6c47fea5c847beb696c8c21a7a44c1915"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696c8c21a7a44c1915",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696c8c21a7a44c1915"
},
{
"url": "https://git.kernel.org/stable/c/39a080a2925c81b0f1da0add44722ef2b78e5454",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/39a080a2925c81b0f1da0add44722ef2b78e5454"
},
{
"url": "https://git.kernel.org/stable/c/906dec15b9b321b546fd31a3c99ffc13724c7af4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/906dec15b9b321b546fd31a3c99ffc13724c7af4"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

126
2025/37xxx/CVE-2025-37883.json
View File

@ -1,18 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37883",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Add check for get_zeroed_page()\n\nAdd check for the return value of get_zeroed_page() in\nsclp_console_init() to prevent null pointer dereference.\nFurthermore, to solve the memory leak caused by the loop\nallocation, add a free helper to do the free job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "e1e00dc45648125ef7cb87ebc3b581ac224e7b39"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.136",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e1e00dc45648125ef7cb87ebc3b581ac224e7b39",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e1e00dc45648125ef7cb87ebc3b581ac224e7b39"
},
{
"url": "https://git.kernel.org/stable/c/397254706eba9d8f99fd237feede7ab3169a7f9a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/397254706eba9d8f99fd237feede7ab3169a7f9a"
},
{
"url": "https://git.kernel.org/stable/c/28e5a867aa542e369e211c2baba7044228809a99",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/28e5a867aa542e369e211c2baba7044228809a99"
},
{
"url": "https://git.kernel.org/stable/c/3b3aa72636a6205933609ec274a8747720c1ee3f",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3b3aa72636a6205933609ec274a8747720c1ee3f"
},
{
"url": "https://git.kernel.org/stable/c/f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb"
},
{
"url": "https://git.kernel.org/stable/c/3db42c75a921854a99db0a2775814fef97415bac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3db42c75a921854a99db0a2775814fef97415bac"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

115
2025/37xxx/CVE-2025-37884.json
View File

@ -1,18 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37884",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n perf_kprobe_destroy()\n mutex_lock(&event_mutex)\n perf_trace_event_unreg()\n synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n rcu_read_lock_trace()\n bpf_prog_run_pin_on_cpu()\n bpf_prog_load()\n bpf_tracing_func_proto()\n trace_set_clr_event()\n mutex_lock(&event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"version_value": "255cbc9db7067a83713fd2f4b31034ddd266549a"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.136",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc1",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/255cbc9db7067a83713fd2f4b31034ddd266549a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/255cbc9db7067a83713fd2f4b31034ddd266549a"
},
{
"url": "https://git.kernel.org/stable/c/b5a528a34e1f613565115a7a6016862ccbfcb9ac",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5a528a34e1f613565115a7a6016862ccbfcb9ac"
},
{
"url": "https://git.kernel.org/stable/c/c5c833f6375f8ecf9254dd27946c927c7d645421",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c5c833f6375f8ecf9254dd27946c927c7d645421"
},
{
"url": "https://git.kernel.org/stable/c/45286680b385f2592db3003554872388dee66d68",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/45286680b385f2592db3003554872388dee66d68"
},
{
"url": "https://git.kernel.org/stable/c/4580f4e0ebdf8dc8d506ae926b88510395a0c1d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4580f4e0ebdf8dc8d506ae926b88510395a0c1d1"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

147
2025/37xxx/CVE-2025-37885.json
View File

@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37885",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn't postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn't freed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "efc644048ecde54f016011fe10110addd0de348f",
"version_value": "e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.237",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.181",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.136",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc4",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769"
},
{
"url": "https://git.kernel.org/stable/c/116c7d35b8f72eac383b9fd371d7c1a8ffc2968b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/116c7d35b8f72eac383b9fd371d7c1a8ffc2968b"
},
{
"url": "https://git.kernel.org/stable/c/023816bd5fa46fab94d1e7917fe131b79ed1fb41",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/023816bd5fa46fab94d1e7917fe131b79ed1fb41"
},
{
"url": "https://git.kernel.org/stable/c/3481fd96d801715942b6f69fe251133128156f30",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3481fd96d801715942b6f69fe251133128156f30"
},
{
"url": "https://git.kernel.org/stable/c/b5de7ac74f69603ad803c524b840bffd36368fc3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b5de7ac74f69603ad803c524b840bffd36368fc3"
},
{
"url": "https://git.kernel.org/stable/c/3066ec21d1a33896125747f68638725f456308db",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3066ec21d1a33896125747f68638725f456308db"
},
{
"url": "https://git.kernel.org/stable/c/9bcac97dc42d2f4da8229d18feb0fe2b1ce523a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9bcac97dc42d2f4da8229d18feb0fe2b1ce523a2"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37886.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37886",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "01ba61b55b2041a39c54aefb3153c770dd59a0ef",
"version_value": "1d7c4b2b0bbfb09b55b2dc0e2355d7936bf89381"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc4",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1d7c4b2b0bbfb09b55b2dc0e2355d7936bf89381",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1d7c4b2b0bbfb09b55b2dc0e2355d7936bf89381"
},
{
"url": "https://git.kernel.org/stable/c/66d7702b42ffdf0dce4808626088268a4e905ca6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/66d7702b42ffdf0dce4808626088268a4e905ca6"
},
{
"url": "https://git.kernel.org/stable/c/520f012fe75fb8efc9f16a57ef929a7a2115d892",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/520f012fe75fb8efc9f16a57ef929a7a2115d892"
},
{
"url": "https://git.kernel.org/stable/c/3f77c3dfffc7063428b100c4945ca2a7a8680380",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3f77c3dfffc7063428b100c4945ca2a7a8680380"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

114
2025/37xxx/CVE-2025-37887.json
View File

@ -1,18 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn't support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i >= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "45d76f492938cdc27ddadc16e1e75103f4cfbf56",
"version_value": "cdd784c96fe2e5edbf0ed9b3e96fe776e8092385"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.89",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc4",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/cdd784c96fe2e5edbf0ed9b3e96fe776e8092385",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/cdd784c96fe2e5edbf0ed9b3e96fe776e8092385"
},
{
"url": "https://git.kernel.org/stable/c/6702f5c6b22deaa95bf84f526148174a160a02cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6702f5c6b22deaa95bf84f526148174a160a02cb"
},
{
"url": "https://git.kernel.org/stable/c/12a4651a80dbe4589a84e26785fbbe1ed4d043b7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/12a4651a80dbe4589a84e26785fbbe1ed4d043b7"
},
{
"url": "https://git.kernel.org/stable/c/2567daad69cd1107fc0ec29b1615f110d7cf7385",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2567daad69cd1107fc0ec29b1615f110d7cf7385"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

103
2025/37xxx/CVE-2025-37888.json
View File

@ -1,18 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37888",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()\n\nAdd NULL check for mlx5_get_flow_namespace() returns in\nmlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent\nNULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "137f3d50ad2a0f2e1ebe5181d6b32a5541786b99",
"version_value": "0b682680b12b08cd62b113ea92b2938195de1dfe"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.10",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12.26",
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.14.5",
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.15-rc4",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/0b682680b12b08cd62b113ea92b2938195de1dfe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/0b682680b12b08cd62b113ea92b2938195de1dfe"
},
{
"url": "https://git.kernel.org/stable/c/ecd9d2647ddb4f42a121de648e48659ae1856c39",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ecd9d2647ddb4f42a121de648e48659ae1856c39"
},
{
"url": "https://git.kernel.org/stable/c/91037037ee3d611ce17f39d75f79c7de394b122a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/91037037ee3d611ce17f39d75f79c7de394b122a"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

83
2025/37xxx/CVE-2025-37889.json
View File

@ -1,18 +1,93 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-37889",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/MSI: Handle the NOMASK flag correctly for all PCI/MSI backends\n\nThe conversion of the XEN specific global variable pci_msi_ignore_mask to a\nMSI domain flag, missed the facts that:\n\n 1) Legacy architectures do not provide a interrupt domain\n 2) Parent MSI domains do not necessarily have a domain info attached\n \nBoth cases result in an unconditional NULL pointer dereference. This was\nunfortunatly missed in review and testing revealed it late.\n\nCure this by using the existing pci_msi_domain_supports() helper, which\nhandles all possible cases correctly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "aad12468967b332f696bee6666754a8fe4831ddd",
"version_value": "46d357520934eef99fa121889f8ebbf46a6eddb8"
},
{
"version_affected": "<",
"version_name": "9e154033f51467f9ebaf87ba4ac2115241caa865",
"version_value": "2e3ad60b8f72a95e3a32ddd9d70ea129aa3fcfb7"
},
{
"version_affected": "<",
"version_name": "c3164d2e0d181027da8fc94f8179d8607c3d440f",
"version_value": "3ece3e8e5976c49c3f887e5923f998eabd54ff40"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/46d357520934eef99fa121889f8ebbf46a6eddb8",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/46d357520934eef99fa121889f8ebbf46a6eddb8"
},
{
"url": "https://git.kernel.org/stable/c/2e3ad60b8f72a95e3a32ddd9d70ea129aa3fcfb7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2e3ad60b8f72a95e3a32ddd9d70ea129aa3fcfb7"
},
{
"url": "https://git.kernel.org/stable/c/3ece3e8e5976c49c3f887e5923f998eabd54ff40",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3ece3e8e5976c49c3f887e5923f998eabd54ff40"
}
]
},
"generator": {
"engine": "bippy-1.2.0"
}
}

76
2025/3xxx/CVE-2025-3455.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3455",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The 1 Click WordPress Migration Plugin \u2013 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'start_restore' function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"cweId": "CWE-434"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "1clickmigration",
"product": {
"product_data": [
{
"product_name": "1 Click WordPress Migration Plugin \u2013 100% FREE for a limited time",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "2.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e982ae88-cfd0-46b9-ad64-00e398d307d6?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e982ae88-cfd0-46b9-ad64-00e398d307d6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/1-click-migration/trunk/inc/backup/class-ocm-backup.php#L403",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/1-click-migration/trunk/inc/backup/class-ocm-backup.php#L403"
}
]
},
"credits": [
{
"lang": "en",
"value": "Kate Kligman"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

76
2025/3xxx/CVE-2025-3605.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3605",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key",
"cweId": "CWE-639"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "arkenon",
"product": {
"product_data": [
{
"product_name": "Frontend Login and Registration Blocks",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.0.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c11668c-6dc3-4539-b2be-bf6528bed73e?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c11668c-6dc3-4539-b2be-bf6528bed73e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/frontend-login-and-registration-blocks/trunk/inc/class-flr-blocks-user-settings.php#L59",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/frontend-login-and-registration-blocks/trunk/inc/class-flr-blocks-user-settings.php#L59"
}
]
},
"credits": [
{
"lang": "en",
"value": "Kenneth Dunn"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
]
}

114
2025/4xxx/CVE-2025-4466.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4466",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=save_payment. The manipulation of the argument registration_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in itsourcecode Gym Management System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /ajax.php?action=save_payment. Durch Manipulieren des Arguments registration_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "itsourcecode",
"product": {
"product_data": [
{
"product_name": "Gym Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.308085",
"refsource": "MISC",
"name": "https://vuldb.com/?id.308085"
},
{
"url": "https://vuldb.com/?ctiid.308085",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.308085"
},
{
"url": "https://vuldb.com/?submit.566105",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.566105"
},
{
"url": "https://github.com/TEhS411/cve/issues/4",
"refsource": "MISC",
"name": "https://github.com/TEhS411/cve/issues/4"
},
{
"url": "https://itsourcecode.com/",
"refsource": "MISC",
"name": "https://itsourcecode.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "TEhS (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

114
2025/4xxx/CVE-2025-4467.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4467",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In SourceCodester Online Student Clearance System 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /admin/edit-admin.php. Durch das Beeinflussen des Arguments txtfullname/txtemail/cmddesignation mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Student Clearance System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.308086",
"refsource": "MISC",
"name": "https://vuldb.com/?id.308086"
},
{
"url": "https://vuldb.com/?ctiid.308086",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.308086"
},
{
"url": "https://vuldb.com/?submit.566245",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.566245"
},
{
"url": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/SQL-2.md",
"refsource": "MISC",
"name": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/SQL-2.md"
},
{
"url": "https://www.sourcecodester.com/",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Colorado-all (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

114
2025/4xxx/CVE-2025-4468.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4468",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit-photo.php. The manipulation of the argument userImage leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in SourceCodester Online Student Clearance System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /edit-photo.php. Durch Beeinflussen des Arguments userImage mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload",
"cweId": "CWE-434"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Student Clearance System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.308087",
"refsource": "MISC",
"name": "https://vuldb.com/?id.308087"
},
{
"url": "https://vuldb.com/?ctiid.308087",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.308087"
},
{
"url": "https://vuldb.com/?submit.566246",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.566246"
},
{
"url": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/upload.md",
"refsource": "MISC",
"name": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/upload.md"
},
{
"url": "https://www.sourcecodester.com/",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Colorado-all (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

114
2025/4xxx/CVE-2025-4469.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4469",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument Username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in SourceCodester Online Student Clearance System 1.0 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei /admin/add-admin.php. Dank der Manipulation des Arguments Username mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting",
"cweId": "CWE-79"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Code Injection",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Student Clearance System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.308088",
"refsource": "MISC",
"name": "https://vuldb.com/?id.308088"
},
{
"url": "https://vuldb.com/?ctiid.308088",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.308088"
},
{
"url": "https://vuldb.com/?submit.566248",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.566248"
},
{
"url": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/xss-1.md",
"refsource": "MISC",
"name": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/xss-1.md"
},
{
"url": "https://www.sourcecodester.com/",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Colorado-all (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 2.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 2.4,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N"
}
]
}

114
2025/4xxx/CVE-2025-4470.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4470",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic was found in SourceCodester Online Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-student.php. The manipulation of the argument Fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
},
{
"lang": "deu",
"value": "In SourceCodester Online Student Clearance System 1.0 wurde eine problematische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei /admin/add-student.php. Dank Manipulation des Arguments Fullname mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting",
"cweId": "CWE-79"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Code Injection",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Student Clearance System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.308089",
"refsource": "MISC",
"name": "https://vuldb.com/?id.308089"
},
{
"url": "https://vuldb.com/?ctiid.308089",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.308089"
},
{
"url": "https://vuldb.com/?submit.566249",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.566249"
},
{
"url": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/xss-2.md",
"refsource": "MISC",
"name": "https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/xss-2.md"
},
{
"url": "https://www.sourcecodester.com/",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Colorado-all (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 2.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 2.4,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N"
}
]
}

18
2025/4xxx/CVE-2025-4478.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4478",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}