mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
135 lines
7.0 KiB
JSON
135 lines
7.0 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2025-21636",
|
|
"ASSIGNER": "cve@kernel.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.probe_interval' is\nused."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Linux",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Linux",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "d1e462a7a5f359cbb9a0e8fbfafcfb6657034105",
|
|
"version_value": "1dc5da6c4178f3e4b95c631418f72de9f86c0449"
|
|
},
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"version": "5.14",
|
|
"status": "affected"
|
|
},
|
|
{
|
|
"version": "0",
|
|
"lessThan": "5.14",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "5.15.177",
|
|
"lessThanOrEqual": "5.15.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.1.125",
|
|
"lessThanOrEqual": "6.1.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.6.72",
|
|
"lessThanOrEqual": "6.6.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.12.10",
|
|
"lessThanOrEqual": "6.12.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.13",
|
|
"lessThanOrEqual": "*",
|
|
"status": "unaffected",
|
|
"versionType": "original_commit_for_fix"
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/1dc5da6c4178f3e4b95c631418f72de9f86c0449",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/1dc5da6c4178f3e4b95c631418f72de9f86c0449"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/44ee8635922b6eb940faddb961a8347c6857d722",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/44ee8635922b6eb940faddb961a8347c6857d722"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/284a221f8fa503628432c7bb5108277c688c6ffa",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/284a221f8fa503628432c7bb5108277c688c6ffa"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/bcf8c60074e81ed2ac2d35130917175a3949c917",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/bcf8c60074e81ed2ac2d35130917175a3949c917"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/6259d2484d0ceff42245d1f09cc8cb6ee72d847a",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/6259d2484d0ceff42245d1f09cc8cb6ee72d847a"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "bippy-5f407fcff5a0"
|
|
}
|
|
} |