admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2025/CVE-2025-218xx/CVE-2025-21847.json
cad-safe-bot 6ae8fb629b Auto-Update: 2025-03-13T17:00:20.359500+00:00
2025-03-13 17:03:50 +00:00

132 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2025-21847",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-03-12T10:15:17.100",
"lastModified": "2025-03-13T16:28:39.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps->cstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps->stream is NULL is incorrect and can\nlead to NULL pointer dereference."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: SOF: stream-ipc: Comprobaci\u00f3n de nulidad de cstream en sof_ipc_msg_data(). La nulidad de sps->cstream debe comprobarse de forma similar a como se realiza en la funci\u00f3n sof_set_stream_data_offset(). Asumir que no es NULL si sps->stream es NULL es incorrecto y puede provocar la desreferenciaci\u00f3n del puntero NULL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndExcluding": "6.6.80",
"matchCriteriaId": "ACF3631C-19E5-4953-B4A3-AB7CD48E6A57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.12.17",
"matchCriteriaId": "15370AEE-6D1C-49C3-8CB7-E889D5F92B6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13",
"versionEndExcluding": "6.13.5",
"matchCriteriaId": "72E69ABB-9015-43A6-87E1-5150383CFFD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "186716B6-2B66-4BD0-852E-D48E71C0C85F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D3E781C-403A-498F-9DA9-ECEE50F41E75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.14:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66619FB8-0AAF-4166-B2CF-67B24143261D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2b3878baf90918a361a3dfd3513025100b1b40b6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/62ab1ae5511c59b5f0bf550136ff321331adca9f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6c18f5eb2043ebf4674c08a9690218dc818a11ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d8d99c3b5c485f339864aeaa29f76269cc0ea975",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink