cvelistv5 - cve-2025-38117

CVE-2025-38117 (GCVE-0-2025-38117)

Vulnerability from cvelistv5

Published

2025-07-03 08:35

Modified

2025-07-28 04:12

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmt_pending list with its own lock This uses a mutex to protect from concurrent access of mgmt_pending list which can cause crashes like: ================================================================== BUG: KASAN: slab-use-after-free in hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91 Read of size 2 at addr ffff0000c48885b2 by task syz.4.334/7318 CPU: 0 UID: 0 PID: 7318 Comm: syz.4.334 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 Call trace: show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C) __dump_stack+0x30/0x40 lib/dump_stack.c:94 dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120 print_address_description+0xa8/0x254 mm/kasan/report.c:408 print_report+0x68/0x84 mm/kasan/report.c:521 kasan_report+0xb0/0x110 mm/kasan/report.c:634 __asan_report_load2_noabort+0x20/0x2c mm/kasan/report_generic.c:379 hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91 mgmt_pending_find+0x7c/0x140 net/bluetooth/mgmt_util.c:223 pending_find net/bluetooth/mgmt.c:947 [inline] remove_adv_monitor+0x44/0x1a4 net/bluetooth/mgmt.c:5445 hci_mgmt_cmd+0x780/0xc00 net/bluetooth/hci_sock.c:1712 hci_sock_sendmsg+0x544/0xbb0 net/bluetooth/hci_sock.c:1832 sock_sendmsg_nosec net/socket.c:712 [inline] __sock_sendmsg net/socket.c:727 [inline] sock_write_iter+0x25c/0x378 net/socket.c:1131 new_sync_write fs/read_write.c:591 [inline] vfs_write+0x62c/0x97c fs/read_write.c:684 ksys_write+0x120/0x210 fs/read_write.c:736 __do_sys_write fs/read_write.c:747 [inline] __se_sys_write fs/read_write.c:744 [inline] __arm64_sys_write+0x7c/0x90 fs/read_write.c:744 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Allocated by task 7037: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x40/0x78 mm/kasan/common.c:68 kasan_save_alloc_info+0x44/0x54 mm/kasan/generic.c:562 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x9c/0xb4 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4327 [inline] __kmalloc_noprof+0x2fc/0x4c8 mm/slub.c:4339 kmalloc_noprof include/linux/slab.h:909 [inline] sk_prot_alloc+0xc4/0x1f0 net/core/sock.c:2198 sk_alloc+0x44/0x3ac net/core/sock.c:2254 bt_sock_alloc+0x4c/0x300 net/bluetooth/af_bluetooth.c:148 hci_sock_create+0xa8/0x194 net/bluetooth/hci_sock.c:2202 bt_sock_create+0x14c/0x24c net/bluetooth/af_bluetooth.c:132 __sock_create+0x43c/0x91c net/socket.c:1541 sock_create net/socket.c:1599 [inline] __sys_socket_create net/socket.c:1636 [inline] __sys_socket+0xd4/0x1c0 net/socket.c:1683 __do_sys_socket net/socket.c:1697 [inline] __se_sys_socket net/socket.c:1695 [inline] __arm64_sys_socket+0x7c/0x94 net/socket.c:1695 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Freed by task 6607: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x40/0x78 mm/kasan/common.c:68 kasan_save_free_info+0x58/0x70 mm/kasan/generic.c:576 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x68/0x88 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:233 [inline ---truncated---

References

►

URL

wid-sec-w-2025-1452

Vulnerability from csaf_certbund

Published

2025-07-02 22:00

Modified

2025-08-18 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und andere, nicht spezifizierte Auswirkungen zu verursachen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren und andere, nicht spezifizierte Auswirkungen zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1452 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1452.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1452 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1452"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38091",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070235-CVE-2025-38091-cb97@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38092",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070237-CVE-2025-38092-70a8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38093",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070237-CVE-2025-38093-a615@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38094",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070324-CVE-2025-38094-1b5c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38095",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070340-CVE-2025-38095-6596@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38096",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070303-CVE-2025-38096-ae58@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38097",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070305-CVE-2025-38097-287c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38098",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070305-CVE-2025-38098-2802@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38099",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070306-CVE-2025-38099-dffb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38100",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070319-CVE-2025-38100-5040@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38101",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070321-CVE-2025-38101-56c1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38102",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070321-CVE-2025-38102-d592@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38103",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070322-CVE-2025-38103-dd1b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38105",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070322-CVE-2025-38105-dfcf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38106",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070322-CVE-2025-38106-8de3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38107",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070323-CVE-2025-38107-9344@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38108",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070323-CVE-2025-38108-9c8c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38109",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070323-CVE-2025-38109-f925@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38110",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070324-CVE-2025-38110-a9c0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38111",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070324-CVE-2025-38111-8e9a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38112",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070324-CVE-2025-38112-57a2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38113",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070325-CVE-2025-38113-d080@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38114",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070325-CVE-2025-38114-c603@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38115",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070325-CVE-2025-38115-cce2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38116",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070325-CVE-2025-38116-1d80@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38117",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070326-CVE-2025-38117-3424@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38118",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070326-CVE-2025-38118-f9ca@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38119",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070326-CVE-2025-38119-9bbe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38120",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070327-CVE-2025-38120-4498@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38121",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070327-CVE-2025-38121-5390@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38122",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070327-CVE-2025-38122-cd8d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38123",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070328-CVE-2025-38123-3e20@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38124",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070328-CVE-2025-38124-bc19@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38125",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070328-CVE-2025-38125-8a6b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38126",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070329-CVE-2025-38126-3c9b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38127",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070329-CVE-2025-38127-686d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38128",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070329-CVE-2025-38128-5b44@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38129",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070330-CVE-2025-38129-3c0e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38130",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070330-CVE-2025-38130-3371@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38131",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070330-CVE-2025-38131-2350@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38132",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070331-CVE-2025-38132-bfc9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38133",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070331-CVE-2025-38133-5976@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38134",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070331-CVE-2025-38134-cbff@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38135",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070331-CVE-2025-38135-20aa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38136",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070332-CVE-2025-38136-1489@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38137",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070332-CVE-2025-38137-d4bf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38138",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070332-CVE-2025-38138-e28b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38139",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070333-CVE-2025-38139-5152@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38140",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070333-CVE-2025-38140-0ba9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38141",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070333-CVE-2025-38141-560e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38142",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070334-CVE-2025-38142-a038@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38143",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070334-CVE-2025-38143-09c4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38144",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070334-CVE-2025-38144-036b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38145",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070335-CVE-2025-38145-548b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38146",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070335-CVE-2025-38146-4390@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38147",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070335-CVE-2025-38147-52a6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38148",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070336-CVE-2025-38148-76a4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38149",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070336-CVE-2025-38149-0dad@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38150",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070336-CVE-2025-38150-3ce8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38151",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070336-CVE-2025-38151-6483@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38153",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070337-CVE-2025-38153-5735@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38154",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070337-CVE-2025-38154-8353@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38155",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070337-CVE-2025-38155-9967@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38156",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070338-CVE-2025-38156-d23e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38157",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070338-CVE-2025-38157-bc8c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38158",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070338-CVE-2025-38158-d5f0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38159",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070339-CVE-2025-38159-0c95@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38160",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070339-CVE-2025-38160-04ed@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38161",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070339-CVE-2025-38161-0949@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38162",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070340-CVE-2025-38162-cd74@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38163",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070340-CVE-2025-38163-273b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38164",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070340-CVE-2025-38164-2a23@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38165",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070341-CVE-2025-38165-0d70@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38166",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070341-CVE-2025-38166-3dc8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38167",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070341-CVE-2025-38167-535f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38168",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070341-CVE-2025-38168-da4f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38169",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070342-CVE-2025-38169-11b6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38170",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070342-CVE-2025-38170-0f47@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38171",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070342-CVE-2025-38171-a380@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38172",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070343-CVE-2025-38172-13be@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38173",
        "url": "https://lore.kernel.org/linux-cve-announce/2025070343-CVE-2025-38173-f02e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:11245 vom 2025-07-16",
        "url": "https://access.redhat.com/errata/RHSA-2025:11245"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-1 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7654-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-2 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7654-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-3 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7654-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7655-1 vom 2025-07-18",
        "url": "https://ubuntu.com/security/notices/USN-7655-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-4 vom 2025-07-22",
        "url": "https://ubuntu.com/security/notices/USN-7654-4"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:11861 vom 2025-07-28",
        "url": "https://access.redhat.com/errata/RHSA-2025:11861"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:11855 vom 2025-07-28",
        "url": "https://access.redhat.com/errata/RHSA-2025:11855"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7654-5 vom 2025-07-29",
        "url": "https://ubuntu.com/security/notices/USN-7654-5"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-11861 vom 2025-07-30",
        "url": "https://linux.oracle.com/errata/ELSA-2025-11861.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-11855 vom 2025-07-30",
        "url": "https://linux.oracle.com/errata/ELSA-2025-11855.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-098 vom 2025-08-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-098.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-105 vom 2025-08-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-105.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7686-1 vom 2025-08-05",
        "url": "https://ubuntu.com/security/notices/USN-7686-1"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-106 vom 2025-08-09",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-106.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13589 vom 2025-08-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:13589"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13590 vom 2025-08-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:13590"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13598 vom 2025-08-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:13598"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-13589 vom 2025-08-12",
        "url": "https://linux.oracle.com/errata/ELSA-2025-13589.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5973 vom 2025-08-12",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00137.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4271 vom 2025-08-13",
        "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-13598 vom 2025-08-15",
        "url": "https://linux.oracle.com/errata/ELSA-2025-13598.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13962 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:13962"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02848-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022193.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02851-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022202.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02852-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022201.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02850-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022203.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02853-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022200.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02849-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022204.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02846-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022192.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14009 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:14009"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7699-1 vom 2025-08-18",
        "url": "https://ubuntu.com/security/notices/USN-7699-1"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-18T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-19T05:55:49.436+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1452",
      "initial_release_date": "2025-07-02T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-02T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-07-15T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-07-17T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-21T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-27T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-07-29T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-07-30T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-08-04T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-08-05T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-10T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-08-11T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-08-17T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
        },
        {
          "date": "2025-08-18T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE, Red Hat und Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "14"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T045032",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38091",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38091"
    },
    {
      "cve": "CVE-2025-38092",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38092"
    },
    {
      "cve": "CVE-2025-38093",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38093"
    },
    {
      "cve": "CVE-2025-38094",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38094"
    },
    {
      "cve": "CVE-2025-38095",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38095"
    },
    {
      "cve": "CVE-2025-38096",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38096"
    },
    {
      "cve": "CVE-2025-38097",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38097"
    },
    {
      "cve": "CVE-2025-38098",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38098"
    },
    {
      "cve": "CVE-2025-38099",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38099"
    },
    {
      "cve": "CVE-2025-38100",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38100"
    },
    {
      "cve": "CVE-2025-38101",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38101"
    },
    {
      "cve": "CVE-2025-38102",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38102"
    },
    {
      "cve": "CVE-2025-38103",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38103"
    },
    {
      "cve": "CVE-2025-38105",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38105"
    },
    {
      "cve": "CVE-2025-38106",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38106"
    },
    {
      "cve": "CVE-2025-38107",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38107"
    },
    {
      "cve": "CVE-2025-38108",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38108"
    },
    {
      "cve": "CVE-2025-38109",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38109"
    },
    {
      "cve": "CVE-2025-38110",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38110"
    },
    {
      "cve": "CVE-2025-38111",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38111"
    },
    {
      "cve": "CVE-2025-38112",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38112"
    },
    {
      "cve": "CVE-2025-38113",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38113"
    },
    {
      "cve": "CVE-2025-38114",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38114"
    },
    {
      "cve": "CVE-2025-38115",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38115"
    },
    {
      "cve": "CVE-2025-38116",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38116"
    },
    {
      "cve": "CVE-2025-38117",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38117"
    },
    {
      "cve": "CVE-2025-38118",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38118"
    },
    {
      "cve": "CVE-2025-38119",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38119"
    },
    {
      "cve": "CVE-2025-38120",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38120"
    },
    {
      "cve": "CVE-2025-38121",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38121"
    },
    {
      "cve": "CVE-2025-38122",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38122"
    },
    {
      "cve": "CVE-2025-38123",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38123"
    },
    {
      "cve": "CVE-2025-38124",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38124"
    },
    {
      "cve": "CVE-2025-38125",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38125"
    },
    {
      "cve": "CVE-2025-38126",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38126"
    },
    {
      "cve": "CVE-2025-38127",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38127"
    },
    {
      "cve": "CVE-2025-38128",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38128"
    },
    {
      "cve": "CVE-2025-38129",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38129"
    },
    {
      "cve": "CVE-2025-38130",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38130"
    },
    {
      "cve": "CVE-2025-38131",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38131"
    },
    {
      "cve": "CVE-2025-38132",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38132"
    },
    {
      "cve": "CVE-2025-38133",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38133"
    },
    {
      "cve": "CVE-2025-38134",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38134"
    },
    {
      "cve": "CVE-2025-38135",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38135"
    },
    {
      "cve": "CVE-2025-38136",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38136"
    },
    {
      "cve": "CVE-2025-38137",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38137"
    },
    {
      "cve": "CVE-2025-38138",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38138"
    },
    {
      "cve": "CVE-2025-38139",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38139"
    },
    {
      "cve": "CVE-2025-38140",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38140"
    },
    {
      "cve": "CVE-2025-38141",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38141"
    },
    {
      "cve": "CVE-2025-38142",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38142"
    },
    {
      "cve": "CVE-2025-38143",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38143"
    },
    {
      "cve": "CVE-2025-38144",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38144"
    },
    {
      "cve": "CVE-2025-38145",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38145"
    },
    {
      "cve": "CVE-2025-38146",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38146"
    },
    {
      "cve": "CVE-2025-38147",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38147"
    },
    {
      "cve": "CVE-2025-38148",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38148"
    },
    {
      "cve": "CVE-2025-38149",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38149"
    },
    {
      "cve": "CVE-2025-38150",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38150"
    },
    {
      "cve": "CVE-2025-38151",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38151"
    },
    {
      "cve": "CVE-2025-38153",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38153"
    },
    {
      "cve": "CVE-2025-38154",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38154"
    },
    {
      "cve": "CVE-2025-38155",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38155"
    },
    {
      "cve": "CVE-2025-38156",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38156"
    },
    {
      "cve": "CVE-2025-38157",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38157"
    },
    {
      "cve": "CVE-2025-38158",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38158"
    },
    {
      "cve": "CVE-2025-38159",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38159"
    },
    {
      "cve": "CVE-2025-38160",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38160"
    },
    {
      "cve": "CVE-2025-38161",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38161"
    },
    {
      "cve": "CVE-2025-38162",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38162"
    },
    {
      "cve": "CVE-2025-38163",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38163"
    },
    {
      "cve": "CVE-2025-38164",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38164"
    },
    {
      "cve": "CVE-2025-38165",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38165"
    },
    {
      "cve": "CVE-2025-38166",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38166"
    },
    {
      "cve": "CVE-2025-38167",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38167"
    },
    {
      "cve": "CVE-2025-38168",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38168"
    },
    {
      "cve": "CVE-2025-38169",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38169"
    },
    {
      "cve": "CVE-2025-38170",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38170"
    },
    {
      "cve": "CVE-2025-38171",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38171"
    },
    {
      "cve": "CVE-2025-38172",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38172"
    },
    {
      "cve": "CVE-2025-38173",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T000126",
          "398363",
          "T045032",
          "T004914"
        ]
      },
      "release_date": "2025-07-02T22:00:00.000+00:00",
      "title": "CVE-2025-38173"
    }
  ]
}

fkie_cve-2025-38117

Vulnerability from fkie_nvd

Published

2025-07-03 09:15

Modified

2025-07-03 15:13

Severity ?

Summary

References

▶	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4e83f2dbb2bf677e614109df24426c4dded472d4
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/6fe26f694c824b8a4dbf50c635bee1302e3f099c
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bdd56875c6926d8009914f427df71797693e90d4
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/d7882db79135c829a922daf3571f33ea1e056ae3

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Protect mgmt_pending list with its own lock\n\nThis uses a mutex to protect from concurrent access of mgmt_pending\nlist which can cause crashes like:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91\nRead of size 2 at addr ffff0000c48885b2 by task syz.4.334/7318\n\nCPU: 0 UID: 0 PID: 7318 Comm: syz.4.334 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack+0x30/0x40 lib/dump_stack.c:94\n dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120\n print_address_description+0xa8/0x254 mm/kasan/report.c:408\n print_report+0x68/0x84 mm/kasan/report.c:521\n kasan_report+0xb0/0x110 mm/kasan/report.c:634\n __asan_report_load2_noabort+0x20/0x2c mm/kasan/report_generic.c:379\n hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91\n mgmt_pending_find+0x7c/0x140 net/bluetooth/mgmt_util.c:223\n pending_find net/bluetooth/mgmt.c:947 [inline]\n remove_adv_monitor+0x44/0x1a4 net/bluetooth/mgmt.c:5445\n hci_mgmt_cmd+0x780/0xc00 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x544/0xbb0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n sock_write_iter+0x25c/0x378 net/socket.c:1131\n new_sync_write fs/read_write.c:591 [inline]\n vfs_write+0x62c/0x97c fs/read_write.c:684\n ksys_write+0x120/0x210 fs/read_write.c:736\n __do_sys_write fs/read_write.c:747 [inline]\n __se_sys_write fs/read_write.c:744 [inline]\n __arm64_sys_write+0x7c/0x90 fs/read_write.c:744\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 7037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x54 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x9c/0xb4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4327 [inline]\n __kmalloc_noprof+0x2fc/0x4c8 mm/slub.c:4339\n kmalloc_noprof include/linux/slab.h:909 [inline]\n sk_prot_alloc+0xc4/0x1f0 net/core/sock.c:2198\n sk_alloc+0x44/0x3ac net/core/sock.c:2254\n bt_sock_alloc+0x4c/0x300 net/bluetooth/af_bluetooth.c:148\n hci_sock_create+0xa8/0x194 net/bluetooth/hci_sock.c:2202\n bt_sock_create+0x14c/0x24c net/bluetooth/af_bluetooth.c:132\n __sock_create+0x43c/0x91c net/socket.c:1541\n sock_create net/socket.c:1599 [inline]\n __sys_socket_create net/socket.c:1636 [inline]\n __sys_socket+0xd4/0x1c0 net/socket.c:1683\n __do_sys_socket net/socket.c:1697 [inline]\n __se_sys_socket net/socket.c:1695 [inline]\n __arm64_sys_socket+0x7c/0x94 net/socket.c:1695\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nFreed by task 6607:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_free_info+0x58/0x70 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x68/0x88 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline\n---truncated---"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: MGMT: Proteger la lista mgmt_pending con su propio bloqueo Esto usa un mutex para proteger del acceso concurrente a la lista mgmt_pending que puede causar fallos como: ====================================================================== ERROR: KASAN: slab-use-after-free in hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91 Read of size 2 at addr ffff0000c48885b2 by task syz.4.334/7318 CPU: 0 UID: 0 PID: 7318 Comm: syz.4.334 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 Call trace: show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C) __dump_stack+0x30/0x40 lib/dump_stack.c:94 dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120 print_address_description+0xa8/0x254 mm/kasan/report.c:408 print_report+0x68/0x84 mm/kasan/report.c:521 kasan_report+0xb0/0x110 mm/kasan/report.c:634 __asan_report_load2_noabort+0x20/0x2c mm/kasan/report_generic.c:379 hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91 mgmt_pending_find+0x7c/0x140 net/bluetooth/mgmt_util.c:223 pending_find net/bluetooth/mgmt.c:947 [inline] remove_adv_monitor+0x44/0x1a4 net/bluetooth/mgmt.c:5445 hci_mgmt_cmd+0x780/0xc00 net/bluetooth/hci_sock.c:1712 hci_sock_sendmsg+0x544/0xbb0 net/bluetooth/hci_sock.c:1832 sock_sendmsg_nosec net/socket.c:712 [inline] __sock_sendmsg net/socket.c:727 [inline] sock_write_iter+0x25c/0x378 net/socket.c:1131 new_sync_write fs/read_write.c:591 [inline] vfs_write+0x62c/0x97c fs/read_write.c:684 ksys_write+0x120/0x210 fs/read_write.c:736 __do_sys_write fs/read_write.c:747 [inline] __se_sys_write fs/read_write.c:744 [inline] __arm64_sys_write+0x7c/0x90 fs/read_write.c:744 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Allocated by task 7037: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x40/0x78 mm/kasan/common.c:68 kasan_save_alloc_info+0x44/0x54 mm/kasan/generic.c:562 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x9c/0xb4 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4327 [inline] __kmalloc_noprof+0x2fc/0x4c8 mm/slub.c:4339 kmalloc_noprof include/linux/slab.h:909 [inline] sk_prot_alloc+0xc4/0x1f0 net/core/sock.c:2198 sk_alloc+0x44/0x3ac net/core/sock.c:2254 bt_sock_alloc+0x4c/0x300 net/bluetooth/af_bluetooth.c:148 hci_sock_create+0xa8/0x194 net/bluetooth/hci_sock.c:2202 bt_sock_create+0x14c/0x24c net/bluetooth/af_bluetooth.c:132 __sock_create+0x43c/0x91c net/socket.c:1541 sock_create net/socket.c:1599 [inline] __sys_socket_create net/socket.c:1636 [inline] __sys_socket+0xd4/0x1c0 net/socket.c:1683 __do_sys_socket net/socket.c:1697 [inline] __se_sys_socket net/socket.c:1695 [inline] __arm64_sys_socket+0x7c/0x94 net/socket.c:1695 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 Freed by task 6607: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x40/0x78 mm/kasan/common.c:68 kasan_save_free_info+0x58/0x70 mm/kasan/generic.c:576 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x68/0x88 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:233 [en l\u00ednea ---truncado---"
    }
  ],
  "id": "CVE-2025-38117",
  "lastModified": "2025-07-03T15:13:53.147",
  "metrics": {},
  "published": "2025-07-03T09:15:25.617",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4e83f2dbb2bf677e614109df24426c4dded472d4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6fe26f694c824b8a4dbf50c635bee1302e3f099c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/bdd56875c6926d8009914f427df71797693e90d4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d7882db79135c829a922daf3571f33ea1e056ae3"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

ghsa-8j55-wwhv-cgjx

Vulnerability from github

Published

2025-07-03 09:30

Modified

2025-07-03 09:30

Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: MGMT: Protect mgmt_pending list with its own lock

This uses a mutex to protect from concurrent access of mgmt_pending list which can cause crashes like:

================================================================== BUG: KASAN: slab-use-after-free in hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91 Read of size 2 at addr ffff0000c48885b2 by task syz.4.334/7318

CPU: 0 UID: 0 PID: 7318 Comm: syz.4.334 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 Call trace: show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C) __dump_stack+0x30/0x40 lib/dump_stack.c:94 dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120 print_address_description+0xa8/0x254 mm/kasan/report.c:408 print_report+0x68/0x84 mm/kasan/report.c:521 kasan_report+0xb0/0x110 mm/kasan/report.c:634 __asan_report_load2_noabort+0x20/0x2c mm/kasan/report_generic.c:379 hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91 mgmt_pending_find+0x7c/0x140 net/bluetooth/mgmt_util.c:223 pending_find net/bluetooth/mgmt.c:947 [inline] remove_adv_monitor+0x44/0x1a4 net/bluetooth/mgmt.c:5445 hci_mgmt_cmd+0x780/0xc00 net/bluetooth/hci_sock.c:1712 hci_sock_sendmsg+0x544/0xbb0 net/bluetooth/hci_sock.c:1832 sock_sendmsg_nosec net/socket.c:712 [inline] __sock_sendmsg net/socket.c:727 [inline] sock_write_iter+0x25c/0x378 net/socket.c:1131 new_sync_write fs/read_write.c:591 [inline] vfs_write+0x62c/0x97c fs/read_write.c:684 ksys_write+0x120/0x210 fs/read_write.c:736 __do_sys_write fs/read_write.c:747 [inline] __se_sys_write fs/read_write.c:744 [inline] __arm64_sys_write+0x7c/0x90 fs/read_write.c:744 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600

Allocated by task 7037: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x40/0x78 mm/kasan/common.c:68 kasan_save_alloc_info+0x44/0x54 mm/kasan/generic.c:562 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x9c/0xb4 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4327 [inline] __kmalloc_noprof+0x2fc/0x4c8 mm/slub.c:4339 kmalloc_noprof include/linux/slab.h:909 [inline] sk_prot_alloc+0xc4/0x1f0 net/core/sock.c:2198 sk_alloc+0x44/0x3ac net/core/sock.c:2254 bt_sock_alloc+0x4c/0x300 net/bluetooth/af_bluetooth.c:148 hci_sock_create+0xa8/0x194 net/bluetooth/hci_sock.c:2202 bt_sock_create+0x14c/0x24c net/bluetooth/af_bluetooth.c:132 __sock_create+0x43c/0x91c net/socket.c:1541 sock_create net/socket.c:1599 [inline] __sys_socket_create net/socket.c:1636 [inline] __sys_socket+0xd4/0x1c0 net/socket.c:1683 __do_sys_socket net/socket.c:1697 [inline] __se_sys_socket net/socket.c:1695 [inline] __arm64_sys_socket+0x7c/0x94 net/socket.c:1695 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600

Freed by task 6607: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x40/0x78 mm/kasan/common.c:68 kasan_save_free_info+0x58/0x70 mm/kasan/generic.c:576 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x68/0x88 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:233 [inline ---truncated---

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-38117"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-03T09:15:25Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Protect mgmt_pending list with its own lock\n\nThis uses a mutex to protect from concurrent access of mgmt_pending\nlist which can cause crashes like:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91\nRead of size 2 at addr ffff0000c48885b2 by task syz.4.334/7318\n\nCPU: 0 UID: 0 PID: 7318 Comm: syz.4.334 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack+0x30/0x40 lib/dump_stack.c:94\n dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120\n print_address_description+0xa8/0x254 mm/kasan/report.c:408\n print_report+0x68/0x84 mm/kasan/report.c:521\n kasan_report+0xb0/0x110 mm/kasan/report.c:634\n __asan_report_load2_noabort+0x20/0x2c mm/kasan/report_generic.c:379\n hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91\n mgmt_pending_find+0x7c/0x140 net/bluetooth/mgmt_util.c:223\n pending_find net/bluetooth/mgmt.c:947 [inline]\n remove_adv_monitor+0x44/0x1a4 net/bluetooth/mgmt.c:5445\n hci_mgmt_cmd+0x780/0xc00 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x544/0xbb0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n sock_write_iter+0x25c/0x378 net/socket.c:1131\n new_sync_write fs/read_write.c:591 [inline]\n vfs_write+0x62c/0x97c fs/read_write.c:684\n ksys_write+0x120/0x210 fs/read_write.c:736\n __do_sys_write fs/read_write.c:747 [inline]\n __se_sys_write fs/read_write.c:744 [inline]\n __arm64_sys_write+0x7c/0x90 fs/read_write.c:744\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 7037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x54 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x9c/0xb4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4327 [inline]\n __kmalloc_noprof+0x2fc/0x4c8 mm/slub.c:4339\n kmalloc_noprof include/linux/slab.h:909 [inline]\n sk_prot_alloc+0xc4/0x1f0 net/core/sock.c:2198\n sk_alloc+0x44/0x3ac net/core/sock.c:2254\n bt_sock_alloc+0x4c/0x300 net/bluetooth/af_bluetooth.c:148\n hci_sock_create+0xa8/0x194 net/bluetooth/hci_sock.c:2202\n bt_sock_create+0x14c/0x24c net/bluetooth/af_bluetooth.c:132\n __sock_create+0x43c/0x91c net/socket.c:1541\n sock_create net/socket.c:1599 [inline]\n __sys_socket_create net/socket.c:1636 [inline]\n __sys_socket+0xd4/0x1c0 net/socket.c:1683\n __do_sys_socket net/socket.c:1697 [inline]\n __se_sys_socket net/socket.c:1695 [inline]\n __arm64_sys_socket+0x7c/0x94 net/socket.c:1695\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nFreed by task 6607:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_free_info+0x58/0x70 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x68/0x88 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline\n---truncated---",
  "id": "GHSA-8j55-wwhv-cgjx",
  "modified": "2025-07-03T09:30:33Z",
  "published": "2025-07-03T09:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38117"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4e83f2dbb2bf677e614109df24426c4dded472d4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6fe26f694c824b8a4dbf50c635bee1302e3f099c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bdd56875c6926d8009914f427df71797693e90d4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d7882db79135c829a922daf3571f33ea1e056ae3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-38117 (GCVE-0-2025-38117)

Vulnerability from cvelistv5

wid-sec-w-2025-1452

Vulnerability from csaf_certbund

fkie_cve-2025-38117

Vulnerability from fkie_nvd

ghsa-8j55-wwhv-cgjx

Vulnerability from github

Tags

Sightings

Nomenclature