cvelistv5 - cve-2025-38358

CVE-2025-38358 (GCVE-0-2025-38358)

Vulnerability from cvelistv5

Published

2025-07-25 12:47

Modified

2025-07-28 04:19

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and close_ctree() Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFS_FS_STATE_NO_DELAYED_IPUT in the fs_info state: WARNING: CPU: 0 PID: 65 at fs/btrfs/inode.c:3420 btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420 Modules linked in: CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:4 Not tainted 6.15.0-next-20250530-syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Workqueue: btrfs-endio-write btrfs_work_helper RIP: 0010:btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420 Code: 4e ad 5d (...) RSP: 0018:ffffc9000213f780 EFLAGS: 00010293 RAX: ffffffff83c635b7 RBX: ffff888058920000 RCX: ffff88801c769e00 RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000000 RBP: 0000000000000001 R08: ffff888058921b67 R09: 1ffff1100b12436c R10: dffffc0000000000 R11: ffffed100b12436d R12: 0000000000000001 R13: dffffc0000000000 R14: ffff88807d748000 R15: 0000000000000100 FS: 0000000000000000(0000) GS:ffff888125c53000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00002000000bd038 CR3: 000000006a142000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> btrfs_put_ordered_extent+0x19f/0x470 fs/btrfs/ordered-data.c:635 btrfs_finish_one_ordered+0x11d8/0x1b10 fs/btrfs/inode.c:3312 btrfs_work_helper+0x399/0xc20 fs/btrfs/async-thread.c:312 process_one_work kernel/workqueue.c:3238 [inline] process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402 kthread+0x70e/0x8a0 kernel/kthread.c:464 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK> This can happen due to a race with the async reclaim worker like this: 1) The async metadata reclaim worker enters shrink_delalloc(), which calls btrfs_start_delalloc_roots() with an nr_pages argument that has a value less than LONG_MAX, and that in turn enters start_delalloc_inodes(), which sets the local variable 'full_flush' to false because wbc->nr_to_write is less than LONG_MAX; 2) There it finds inode X in a root's delalloc list, grabs a reference for inode X (with igrab()), and triggers writeback for it with filemap_fdatawrite_wbc(), which creates an ordered extent for inode X; 3) The unmount sequence starts from another task, we enter close_ctree() and we flush the workqueue fs_info->endio_write_workers, which waits for the ordered extent for inode X to complete and when dropping the last reference of the ordered extent, with btrfs_put_ordered_extent(), when we call btrfs_add_delayed_iput() we don't add the inode to the list of delayed iputs because it has a refcount of 2, so we decrement it to 1 and return; 4) Shortly after at close_ctree() we call btrfs_run_delayed_iputs() which runs all delayed iputs, and then we set BTRFS_FS_STATE_NO_DELAYED_IPUT in the fs_info state; 5) The async reclaim worker, after calling filemap_fdatawrite_wbc(), now calls btrfs_add_delayed_iput() for inode X and there we trigger an assertion failure since the fs_info state has the flag BTRFS_FS_STATE_NO_DELAYED_IPUT set. Fix this by setting BTRFS_FS_STATE_NO_DELAYED_IPUT only after we wait for the async reclaim workers to finish, after we call cancel_work_sync() for them at close_ctree(), and by running delayed iputs after wait for the reclaim workers to finish and before setting the bit. This race was recently introduced by commit 19e60b2a95f5 ("btrfs: add extra warning if delayed iput is added when it's not allowed"). Without the new validation at btrfs_add_delayed_iput(), ---truncated---

References

►

URL

fkie_cve-2025-38358

Vulnerability from fkie_nvd

Published

2025-07-25 13:15

Modified

2025-07-25 15:29

Severity ?

Summary

References

▶	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4693cda2c06039c875f2eef0123b22340c34bfa0
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a26bf338cdad3643a6e7c3d78a172baadba15c1a

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between async reclaim worker and close_ctree()\n\nSyzbot reported an assertion failure due to an attempt to add a delayed\niput after we have set BTRFS_FS_STATE_NO_DELAYED_IPUT in the fs_info\nstate:\n\n  WARNING: CPU: 0 PID: 65 at fs/btrfs/inode.c:3420 btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420\n  Modules linked in:\n  CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:4 Not tainted 6.15.0-next-20250530-syzkaller #0 PREEMPT(full)\n  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n  Workqueue: btrfs-endio-write btrfs_work_helper\n  RIP: 0010:btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420\n  Code: 4e ad 5d (...)\n  RSP: 0018:ffffc9000213f780 EFLAGS: 00010293\n  RAX: ffffffff83c635b7 RBX: ffff888058920000 RCX: ffff88801c769e00\n  RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000000\n  RBP: 0000000000000001 R08: ffff888058921b67 R09: 1ffff1100b12436c\n  R10: dffffc0000000000 R11: ffffed100b12436d R12: 0000000000000001\n  R13: dffffc0000000000 R14: ffff88807d748000 R15: 0000000000000100\n  FS:  0000000000000000(0000) GS:ffff888125c53000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 00002000000bd038 CR3: 000000006a142000 CR4: 00000000003526f0\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n  Call Trace:\n   \u003cTASK\u003e\n   btrfs_put_ordered_extent+0x19f/0x470 fs/btrfs/ordered-data.c:635\n   btrfs_finish_one_ordered+0x11d8/0x1b10 fs/btrfs/inode.c:3312\n   btrfs_work_helper+0x399/0xc20 fs/btrfs/async-thread.c:312\n   process_one_work kernel/workqueue.c:3238 [inline]\n   process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321\n   worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n   kthread+0x70e/0x8a0 kernel/kthread.c:464\n   ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n   ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n   \u003c/TASK\u003e\n\nThis can happen due to a race with the async reclaim worker like this:\n\n1) The async metadata reclaim worker enters shrink_delalloc(), which calls\n   btrfs_start_delalloc_roots() with an nr_pages argument that has a value\n   less than LONG_MAX, and that in turn enters start_delalloc_inodes(),\n   which sets the local variable \u0027full_flush\u0027 to false because\n   wbc-\u003enr_to_write is less than LONG_MAX;\n\n2) There it finds inode X in a root\u0027s delalloc list, grabs a reference for\n   inode X (with igrab()), and triggers writeback for it with\n   filemap_fdatawrite_wbc(), which creates an ordered extent for inode X;\n\n3) The unmount sequence starts from another task, we enter close_ctree()\n   and we flush the workqueue fs_info-\u003eendio_write_workers, which waits\n   for the ordered extent for inode X to complete and when dropping the\n   last reference of the ordered extent, with btrfs_put_ordered_extent(),\n   when we call btrfs_add_delayed_iput() we don\u0027t add the inode to the\n   list of delayed iputs because it has a refcount of 2, so we decrement\n   it to 1 and return;\n\n4) Shortly after at close_ctree() we call btrfs_run_delayed_iputs() which\n   runs all delayed iputs, and then we set BTRFS_FS_STATE_NO_DELAYED_IPUT\n   in the fs_info state;\n\n5) The async reclaim worker, after calling filemap_fdatawrite_wbc(), now\n   calls btrfs_add_delayed_iput() for inode X and there we trigger an\n   assertion failure since the fs_info state has the flag\n   BTRFS_FS_STATE_NO_DELAYED_IPUT set.\n\nFix this by setting BTRFS_FS_STATE_NO_DELAYED_IPUT only after we wait for\nthe async reclaim workers to finish, after we call cancel_work_sync() for\nthem at close_ctree(), and by running delayed iputs after wait for the\nreclaim workers to finish and before setting the bit.\n\nThis race was recently introduced by commit 19e60b2a95f5 (\"btrfs: add\nextra warning if delayed iput is added when it\u0027s not allowed\"). Without\nthe new validation at btrfs_add_delayed_iput(), \n---truncated---"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: correcci\u00f3n de la ejecuci\u00f3n entre el trabajador de recuperaci\u00f3n as\u00edncrono y close_ctree() Syzbot inform\u00f3 de un error de aserci\u00f3n debido a un intento de agregar una entrada retrasada despu\u00e9s de que hayamos establecido BTRFS_FS_STATE_NO_DELAYED_IPUT en el estado WARNING: CPU: 0 PID: 65 at fs/btrfs/inode.c:3420 btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420 Modules linked in: CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:4 Not tainted 6.15.0-next-20250530-syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Workqueue: btrfs-endio-write btrfs_work_helper RIP: 0010:btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420 Code: 4e ad 5d (...) RSP: 0018:ffffc9000213f780 EFLAGS: 00010293 RAX: ffffffff83c635b7 RBX: ffff888058920000 RCX: ffff88801c769e00 RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000000 RBP: 0000000000000001 R08: ffff888058921b67 R09: 1ffff1100b12436c R10: dffffc0000000000 R11: ffffed100b12436d R12: 0000000000000001 R13: dffffc0000000000 R14: ffff88807d748000 R15: 0000000000000100 FS: 0000000000000000(0000) GS:ffff888125c53000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 ---truncado--- Call Trace:  btrfs_put_ordered_extent+0x19f/0x470 fs/btrfs/ordered-data.c:635 btrfs_finish_one_ordered+0x11d8/0x1b10 fs/btrfs/inode.c:3312 btrfs_work_helper+0x399/0xc20 fs/btrfs/async-thread.c:312 process_one_work kernel/workqueue.c:3238 [inline] process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402 kthread+0x70e/0x8a0 kernel/kthread.c:464 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245  Esto puede suceder debido a una ejecuci\u00f3n con el trabajador de recuperaci\u00f3n as\u00edncrono como este: 1) El trabajador de recuperaci\u00f3n de metadatos as\u00edncrono ingresa a shrink_delalloc(), que llama a btrfs_start_delalloc_roots() con un argumento nr_pages que tiene un valor menor que LONG_MAX, y que a su vez ingresa a start_delalloc_inodes(), que establece la variable local \u0027full_flush\u0027 en falso porque wbc-\u0026gt;nr_to_write es menor que LONG_MAX; 2) All\u00ed encuentra el inodo X en una lista delalloc de la ra\u00edz, toma una referencia para el inodo X (con igrab()), y activa la escritura diferida para \u00e9l con filemap_fdatawrite_wbc(), que crea una extensi\u00f3n ordenada para el inodo X; 3) La secuencia de desmontaje comienza desde otra tarea, ingresamos close_ctree() y limpiamos la cola de trabajo fs_info-\u0026gt;endio_write_workers, que espera a que se complete la extensi\u00f3n ordenada para el inodo X y cuando eliminamos la \u00faltima referencia de la extensi\u00f3n ordenada, con btrfs_put_ordered_extent(), cuando llamamos a btrfs_add_delayed_iput() no agregamos el inodo a la lista de entradas retrasadas porque tiene un refcount de 2, por lo que lo decrementamos a 1 y regresamos; 4) Poco despu\u00e9s, en close_ctree(), llamamos a btrfs_run_delayed_iputs(), que ejecuta todas las entradas retrasadas, y luego establecemos BTRFS_FS_STATE_NO_DELAYED_IPUT en el estado fs_info. 5) El trabajador de recuperaci\u00f3n as\u00edncrono, despu\u00e9s de llamar a filemap_fdatawrite_wbc(), ahora llama a btrfs_add_delayed_iput() para el inodo X y all\u00ed desencadenamos un error de aserci\u00f3n, ya que el estado fs_info tiene el indicador BTRFS_FS_STATE_NO_DELAYED_IPUT establecido. Solucione esto estableciendo BTRFS_FS_STATE_NO_DELAYED_IPUT solo despu\u00e9s de esperar a que finalicen los trabajadores de recuperaci\u00f3n as\u00edncronos, despu\u00e9s de llamar a cancel_work_sync() para ellos en close_ctree(), y ejecutando las entradas retrasadas despu\u00e9s de esperar a que finalicen los trabajadores de recuperaci\u00f3n y antes de establecer el bit. Esta ejecuci\u00f3n se introdujo recientemente mediante el commit 19e60b2a95f5 (\"btrfs: a\u00f1adir una advertencia adicional si se a\u00f1ade una entrada retardada cuando no est\u00e1 permitida\"). Sin la nueva validaci\u00f3n en btrfs_add_delayed_iput(), ---truncado---"
    }
  ],
  "id": "CVE-2025-38358",
  "lastModified": "2025-07-25T15:29:19.837",
  "metrics": {},
  "published": "2025-07-25T13:15:24.573",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4693cda2c06039c875f2eef0123b22340c34bfa0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a26bf338cdad3643a6e7c3d78a172baadba15c1a"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

wid-sec-w-2025-1653

Vulnerability from csaf_certbund

Published

2025-07-27 22:00

Modified

2025-08-18 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder andere nicht spezifizierte Angriffe durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder andere nicht spezifizierte Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1653 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1653.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1653 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1653"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38353",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072553-CVE-2025-38353-a9eb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38354",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38354-bdcd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38355",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38355-2855@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38356",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38356-286a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38357",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38357-8b0a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38358",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38358-8d7f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38359",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38359-8cda@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38360",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38360-1f17@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38361",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38361-3f11@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38362",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38362-8922@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38363",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38363-122c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38364",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38364-74db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38365",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38365-0519@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38366",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38366-26b8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38367",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38367-df91@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38368",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072559-CVE-2025-38368-e561@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38369",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072559-CVE-2025-38369-6ddf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38370",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38370-857d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38371",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38371-ff41@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38372",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38372-6659@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38373",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38373-b6fa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38374",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38374-52a8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38375",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38375-3faa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38376",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38376-e290@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38377",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38377-a0c0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38378",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38378-4e10@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38379",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38379-97db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38380",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38380-d1a9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38381",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38381-b27a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38382",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38382-c4f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38383",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38383-c967@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38384",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38384-391e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38385",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38385-936c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38386",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38386-0a8a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38387",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38387-f9d4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38388",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38388-402a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38389",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38389-b1f4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38390",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38390-7d67@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38391",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38391-0064@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38392",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38392-17a6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38393",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38393-f2e8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38394",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38394-f005@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38395",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38395-3a19@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38396",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38396-92a5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38397",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38397-d375@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38398",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38398-1271@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38399",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38399-00ec@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38400",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38400-a0d2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38401",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38401-789b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38402",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38402-e08c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38403",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38403-0da0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38404",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38404-f719@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38405",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38405-014e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38406",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072533-CVE-2025-38406-5f5c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38407",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072520-CVE-2025-38407-98b5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38408",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072520-CVE-2025-38408-29e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38409",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072520-CVE-2025-38409-cee4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38410",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38410-e0e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38411",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38411-0ca7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38412",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38412-2ccc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38413",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38413-d64f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38414",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38414-8302@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38415",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072513-CVE-2025-38415-c634@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38416",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38416-e4bb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38417",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072546-CVE-2025-38417-12d4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38418",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072546-CVE-2025-38418-7af0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38419",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072546-CVE-2025-38419-c07e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38420",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072552-CVE-2025-38420-13a5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38421",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072554-CVE-2025-38421-8601@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38422",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072554-CVE-2025-38422-5d9b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38423",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072554-CVE-2025-38423-171a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38424",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38424-500e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38425",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38425-d34f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38426",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38426-718c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38427",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38427-6e37@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38428",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38428-8b33@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38429",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38429-f662@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38430",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38430-dafd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38431",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072537-CVE-2025-38431-9bb6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38432",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072516-CVE-2025-38432-ce36@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38433",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38433-6d14@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38434",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38434-ecdf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38435",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38435-ffc0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38436",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38436-8cb6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38437",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072559-CVE-2025-38437-9752@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38438",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072501-CVE-2025-38438-f653@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38439",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072501-CVE-2025-38439-3f3b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38440",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072501-CVE-2025-38440-cb71@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38441",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38441-bb71@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38442",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38442-2844@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38443",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38443-419c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38444",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38444-4b60@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38445",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38445-7295@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38446",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38446-492b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38447",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38447-5233@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38448",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38448-f242@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38449",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38449-cbf0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38450",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38450-a59f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38451",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38451-ee66@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38452",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38452-d9d1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38453",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38453-69b1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38454",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38454-8908@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38455",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38455-9331@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38456",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38456-3c0a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38457",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38457-d302@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38458",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38458-d999@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38459",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38459-e941@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38460",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38460-40fb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38461",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38461-33b1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38462",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38462-3e15@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38463",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38463-f4a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38464",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38464-44a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38465",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38465-28ad@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38466",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38466-11e8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38467",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38467-eb0c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13776 vom 2025-08-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:13776"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5973 vom 2025-08-12",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00137.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5975 vom 2025-08-13",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00139.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13960 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:13960"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13962 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:13962"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-13960 vom 2025-08-19",
        "url": "https://linux.oracle.com/errata/ELSA-2025-13960.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02853-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022200.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14054 vom 2025-08-19",
        "url": "https://access.redhat.com/errata/RHSA-2025:14054"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14005 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:14005"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14009 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:14009"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14003 vom 2025-08-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:14003"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02846-1 vom 2025-08-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022192.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-18T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-19T05:55:35.960+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1653",
      "initial_release_date": "2025-07-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat und Debian aufgenommen"
        },
        {
          "date": "2025-08-13T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-08-17T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-08-18T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Oracle Linux, SUSE und Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T008144",
              "product_identification_helper": {
                "cpe": "cpe:/a:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38353",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38353"
    },
    {
      "cve": "CVE-2025-38354",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38354"
    },
    {
      "cve": "CVE-2025-38355",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38355"
    },
    {
      "cve": "CVE-2025-38356",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38356"
    },
    {
      "cve": "CVE-2025-38357",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38357"
    },
    {
      "cve": "CVE-2025-38358",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38358"
    },
    {
      "cve": "CVE-2025-38359",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38359"
    },
    {
      "cve": "CVE-2025-38360",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38360"
    },
    {
      "cve": "CVE-2025-38361",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38361"
    },
    {
      "cve": "CVE-2025-38362",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38362"
    },
    {
      "cve": "CVE-2025-38363",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38363"
    },
    {
      "cve": "CVE-2025-38364",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38364"
    },
    {
      "cve": "CVE-2025-38365",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38365"
    },
    {
      "cve": "CVE-2025-38366",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38366"
    },
    {
      "cve": "CVE-2025-38367",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38367"
    },
    {
      "cve": "CVE-2025-38368",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38368"
    },
    {
      "cve": "CVE-2025-38369",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38369"
    },
    {
      "cve": "CVE-2025-38370",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38370"
    },
    {
      "cve": "CVE-2025-38371",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38371"
    },
    {
      "cve": "CVE-2025-38372",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38372"
    },
    {
      "cve": "CVE-2025-38373",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38373"
    },
    {
      "cve": "CVE-2025-38374",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38374"
    },
    {
      "cve": "CVE-2025-38375",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2025-38376",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38376"
    },
    {
      "cve": "CVE-2025-38377",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38377"
    },
    {
      "cve": "CVE-2025-38378",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38378"
    },
    {
      "cve": "CVE-2025-38379",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38379"
    },
    {
      "cve": "CVE-2025-38380",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38380"
    },
    {
      "cve": "CVE-2025-38381",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38381"
    },
    {
      "cve": "CVE-2025-38382",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38382"
    },
    {
      "cve": "CVE-2025-38383",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38383"
    },
    {
      "cve": "CVE-2025-38384",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38384"
    },
    {
      "cve": "CVE-2025-38385",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38385"
    },
    {
      "cve": "CVE-2025-38386",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38386"
    },
    {
      "cve": "CVE-2025-38387",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38387"
    },
    {
      "cve": "CVE-2025-38388",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38388"
    },
    {
      "cve": "CVE-2025-38389",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38389"
    },
    {
      "cve": "CVE-2025-38390",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38390"
    },
    {
      "cve": "CVE-2025-38391",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38391"
    },
    {
      "cve": "CVE-2025-38392",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38392"
    },
    {
      "cve": "CVE-2025-38393",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38393"
    },
    {
      "cve": "CVE-2025-38394",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38394"
    },
    {
      "cve": "CVE-2025-38395",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38395"
    },
    {
      "cve": "CVE-2025-38396",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38396"
    },
    {
      "cve": "CVE-2025-38397",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38397"
    },
    {
      "cve": "CVE-2025-38398",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38398"
    },
    {
      "cve": "CVE-2025-38399",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38399"
    },
    {
      "cve": "CVE-2025-38400",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38400"
    },
    {
      "cve": "CVE-2025-38401",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38401"
    },
    {
      "cve": "CVE-2025-38402",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38402"
    },
    {
      "cve": "CVE-2025-38403",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38403"
    },
    {
      "cve": "CVE-2025-38404",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38404"
    },
    {
      "cve": "CVE-2025-38405",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38405"
    },
    {
      "cve": "CVE-2025-38406",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38406"
    },
    {
      "cve": "CVE-2025-38407",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38407"
    },
    {
      "cve": "CVE-2025-38408",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38408"
    },
    {
      "cve": "CVE-2025-38409",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38409"
    },
    {
      "cve": "CVE-2025-38410",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38410"
    },
    {
      "cve": "CVE-2025-38411",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38411"
    },
    {
      "cve": "CVE-2025-38412",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38412"
    },
    {
      "cve": "CVE-2025-38413",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38413"
    },
    {
      "cve": "CVE-2025-38414",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38414"
    },
    {
      "cve": "CVE-2025-38415",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38415"
    },
    {
      "cve": "CVE-2025-38416",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38416"
    },
    {
      "cve": "CVE-2025-38417",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38417"
    },
    {
      "cve": "CVE-2025-38418",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38418"
    },
    {
      "cve": "CVE-2025-38419",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38419"
    },
    {
      "cve": "CVE-2025-38420",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38420"
    },
    {
      "cve": "CVE-2025-38421",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38421"
    },
    {
      "cve": "CVE-2025-38422",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38422"
    },
    {
      "cve": "CVE-2025-38423",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38423"
    },
    {
      "cve": "CVE-2025-38424",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38424"
    },
    {
      "cve": "CVE-2025-38425",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38425"
    },
    {
      "cve": "CVE-2025-38426",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38426"
    },
    {
      "cve": "CVE-2025-38427",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38427"
    },
    {
      "cve": "CVE-2025-38428",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38428"
    },
    {
      "cve": "CVE-2025-38429",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38429"
    },
    {
      "cve": "CVE-2025-38430",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38430"
    },
    {
      "cve": "CVE-2025-38431",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38431"
    },
    {
      "cve": "CVE-2025-38432",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38432"
    },
    {
      "cve": "CVE-2025-38433",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38433"
    },
    {
      "cve": "CVE-2025-38434",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38434"
    },
    {
      "cve": "CVE-2025-38435",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38435"
    },
    {
      "cve": "CVE-2025-38436",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38436"
    },
    {
      "cve": "CVE-2025-38437",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38437"
    },
    {
      "cve": "CVE-2025-38438",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38438"
    },
    {
      "cve": "CVE-2025-38439",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38439"
    },
    {
      "cve": "CVE-2025-38440",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38440"
    },
    {
      "cve": "CVE-2025-38441",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38441"
    },
    {
      "cve": "CVE-2025-38442",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38442"
    },
    {
      "cve": "CVE-2025-38443",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38443"
    },
    {
      "cve": "CVE-2025-38444",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38444"
    },
    {
      "cve": "CVE-2025-38445",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38445"
    },
    {
      "cve": "CVE-2025-38446",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38446"
    },
    {
      "cve": "CVE-2025-38447",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38447"
    },
    {
      "cve": "CVE-2025-38448",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38448"
    },
    {
      "cve": "CVE-2025-38449",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38449"
    },
    {
      "cve": "CVE-2025-38450",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38450"
    },
    {
      "cve": "CVE-2025-38451",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38451"
    },
    {
      "cve": "CVE-2025-38452",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38452"
    },
    {
      "cve": "CVE-2025-38453",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38453"
    },
    {
      "cve": "CVE-2025-38454",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38454"
    },
    {
      "cve": "CVE-2025-38455",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38455"
    },
    {
      "cve": "CVE-2025-38456",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38456"
    },
    {
      "cve": "CVE-2025-38457",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38457"
    },
    {
      "cve": "CVE-2025-38458",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38458"
    },
    {
      "cve": "CVE-2025-38459",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38459"
    },
    {
      "cve": "CVE-2025-38460",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38460"
    },
    {
      "cve": "CVE-2025-38461",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38461"
    },
    {
      "cve": "CVE-2025-38462",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38462"
    },
    {
      "cve": "CVE-2025-38463",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38463"
    },
    {
      "cve": "CVE-2025-38464",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38464"
    },
    {
      "cve": "CVE-2025-38465",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38465"
    },
    {
      "cve": "CVE-2025-38466",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38466"
    },
    {
      "cve": "CVE-2025-38467",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646",
          "T004914",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38467"
    }
  ]
}

ghsa-cv9m-prxm-594h

Vulnerability from github

Published

2025-07-25 15:30

Modified

2025-07-25 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix race between async reclaim worker and close_ctree()

Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFS_FS_STATE_NO_DELAYED_IPUT in the fs_info state:

WARNING: CPU: 0 PID: 65 at fs/btrfs/inode.c:3420 btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420 Modules linked in: CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:4 Not tainted 6.15.0-next-20250530-syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Workqueue: btrfs-endio-write btrfs_work_helper RIP: 0010:btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420 Code: 4e ad 5d (...) RSP: 0018:ffffc9000213f780 EFLAGS: 00010293 RAX: ffffffff83c635b7 RBX: ffff888058920000 RCX: ffff88801c769e00 RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000000 RBP: 0000000000000001 R08: ffff888058921b67 R09: 1ffff1100b12436c R10: dffffc0000000000 R11: ffffed100b12436d R12: 0000000000000001 R13: dffffc0000000000 R14: ffff88807d748000 R15: 0000000000000100 FS: 0000000000000000(0000) GS:ffff888125c53000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00002000000bd038 CR3: 000000006a142000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: btrfs_put_ordered_extent+0x19f/0x470 fs/btrfs/ordered-data.c:635 btrfs_finish_one_ordered+0x11d8/0x1b10 fs/btrfs/inode.c:3312 btrfs_work_helper+0x399/0xc20 fs/btrfs/async-thread.c:312 process_one_work kernel/workqueue.c:3238 [inline] process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402 kthread+0x70e/0x8a0 kernel/kthread.c:464 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

This can happen due to a race with the async reclaim worker like this:

1) The async metadata reclaim worker enters shrink_delalloc(), which calls btrfs_start_delalloc_roots() with an nr_pages argument that has a value less than LONG_MAX, and that in turn enters start_delalloc_inodes(), which sets the local variable 'full_flush' to false because wbc->nr_to_write is less than LONG_MAX;

2) There it finds inode X in a root's delalloc list, grabs a reference for inode X (with igrab()), and triggers writeback for it with filemap_fdatawrite_wbc(), which creates an ordered extent for inode X;

3) The unmount sequence starts from another task, we enter close_ctree() and we flush the workqueue fs_info->endio_write_workers, which waits for the ordered extent for inode X to complete and when dropping the last reference of the ordered extent, with btrfs_put_ordered_extent(), when we call btrfs_add_delayed_iput() we don't add the inode to the list of delayed iputs because it has a refcount of 2, so we decrement it to 1 and return;

4) Shortly after at close_ctree() we call btrfs_run_delayed_iputs() which runs all delayed iputs, and then we set BTRFS_FS_STATE_NO_DELAYED_IPUT in the fs_info state;

5) The async reclaim worker, after calling filemap_fdatawrite_wbc(), now calls btrfs_add_delayed_iput() for inode X and there we trigger an assertion failure since the fs_info state has the flag BTRFS_FS_STATE_NO_DELAYED_IPUT set.

Fix this by setting BTRFS_FS_STATE_NO_DELAYED_IPUT only after we wait for the async reclaim workers to finish, after we call cancel_work_sync() for them at close_ctree(), and by running delayed iputs after wait for the reclaim workers to finish and before setting the bit.

This race was recently introduced by commit 19e60b2a95f5 ("btrfs: add extra warning if delayed iput is added when it's not allowed"). Without the new validation at btrfs_add_delayed_iput(), ---truncated---

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-38358"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T13:15:24Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between async reclaim worker and close_ctree()\n\nSyzbot reported an assertion failure due to an attempt to add a delayed\niput after we have set BTRFS_FS_STATE_NO_DELAYED_IPUT in the fs_info\nstate:\n\n  WARNING: CPU: 0 PID: 65 at fs/btrfs/inode.c:3420 btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420\n  Modules linked in:\n  CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:4 Not tainted 6.15.0-next-20250530-syzkaller #0 PREEMPT(full)\n  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n  Workqueue: btrfs-endio-write btrfs_work_helper\n  RIP: 0010:btrfs_add_delayed_iput+0x2f8/0x370 fs/btrfs/inode.c:3420\n  Code: 4e ad 5d (...)\n  RSP: 0018:ffffc9000213f780 EFLAGS: 00010293\n  RAX: ffffffff83c635b7 RBX: ffff888058920000 RCX: ffff88801c769e00\n  RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000000\n  RBP: 0000000000000001 R08: ffff888058921b67 R09: 1ffff1100b12436c\n  R10: dffffc0000000000 R11: ffffed100b12436d R12: 0000000000000001\n  R13: dffffc0000000000 R14: ffff88807d748000 R15: 0000000000000100\n  FS:  0000000000000000(0000) GS:ffff888125c53000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 00002000000bd038 CR3: 000000006a142000 CR4: 00000000003526f0\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n  Call Trace:\n   \u003cTASK\u003e\n   btrfs_put_ordered_extent+0x19f/0x470 fs/btrfs/ordered-data.c:635\n   btrfs_finish_one_ordered+0x11d8/0x1b10 fs/btrfs/inode.c:3312\n   btrfs_work_helper+0x399/0xc20 fs/btrfs/async-thread.c:312\n   process_one_work kernel/workqueue.c:3238 [inline]\n   process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321\n   worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n   kthread+0x70e/0x8a0 kernel/kthread.c:464\n   ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n   ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n   \u003c/TASK\u003e\n\nThis can happen due to a race with the async reclaim worker like this:\n\n1) The async metadata reclaim worker enters shrink_delalloc(), which calls\n   btrfs_start_delalloc_roots() with an nr_pages argument that has a value\n   less than LONG_MAX, and that in turn enters start_delalloc_inodes(),\n   which sets the local variable \u0027full_flush\u0027 to false because\n   wbc-\u003enr_to_write is less than LONG_MAX;\n\n2) There it finds inode X in a root\u0027s delalloc list, grabs a reference for\n   inode X (with igrab()), and triggers writeback for it with\n   filemap_fdatawrite_wbc(), which creates an ordered extent for inode X;\n\n3) The unmount sequence starts from another task, we enter close_ctree()\n   and we flush the workqueue fs_info-\u003eendio_write_workers, which waits\n   for the ordered extent for inode X to complete and when dropping the\n   last reference of the ordered extent, with btrfs_put_ordered_extent(),\n   when we call btrfs_add_delayed_iput() we don\u0027t add the inode to the\n   list of delayed iputs because it has a refcount of 2, so we decrement\n   it to 1 and return;\n\n4) Shortly after at close_ctree() we call btrfs_run_delayed_iputs() which\n   runs all delayed iputs, and then we set BTRFS_FS_STATE_NO_DELAYED_IPUT\n   in the fs_info state;\n\n5) The async reclaim worker, after calling filemap_fdatawrite_wbc(), now\n   calls btrfs_add_delayed_iput() for inode X and there we trigger an\n   assertion failure since the fs_info state has the flag\n   BTRFS_FS_STATE_NO_DELAYED_IPUT set.\n\nFix this by setting BTRFS_FS_STATE_NO_DELAYED_IPUT only after we wait for\nthe async reclaim workers to finish, after we call cancel_work_sync() for\nthem at close_ctree(), and by running delayed iputs after wait for the\nreclaim workers to finish and before setting the bit.\n\nThis race was recently introduced by commit 19e60b2a95f5 (\"btrfs: add\nextra warning if delayed iput is added when it\u0027s not allowed\"). Without\nthe new validation at btrfs_add_delayed_iput(), \n---truncated---",
  "id": "GHSA-cv9m-prxm-594h",
  "modified": "2025-07-25T15:30:51Z",
  "published": "2025-07-25T15:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38358"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4693cda2c06039c875f2eef0123b22340c34bfa0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a26bf338cdad3643a6e7c3d78a172baadba15c1a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-38358 (GCVE-0-2025-38358)

Vulnerability from cvelistv5

fkie_cve-2025-38358

Vulnerability from fkie_nvd

wid-sec-w-2025-1653

Vulnerability from csaf_certbund

ghsa-cv9m-prxm-594h

Vulnerability from github

Tags

Sightings

Nomenclature