cvelistv5 - cve-2025-38407

CVE-2025-38407 (GCVE-0-2025-38407)

Vulnerability from cvelistv5

Published

2025-07-25 13:20

Modified

2025-07-28 04:21

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: riscv: cpu_ops_sbi: Use static array for boot_data Since commit 6b9f29b81b15 ("riscv: Enable pcpu page first chunk allocator"), if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested on boot with percpu_alloc=page. In that case, percpu data gets put in the vmalloc area. However, sbi_hsm_hart_start() needs the physical address of a sbi_hart_boot_data, and simply assumes that __pa() would work. This causes the just started hart to immediately access an invalid address and hang. Fortunately, struct sbi_hart_boot_data is not too large, so we can simply allocate an array for boot_data statically, putting it in the kernel image. This fixes NUMA=y SMP boot on Sophgo SG2042. To reproduce on QEMU: Set CONFIG_NUMA=y and CONFIG_DEBUG_VIRTUAL=y, then run with: qemu-system-riscv64 -M virt -smp 2 -nographic \ -kernel arch/riscv/boot/Image \ -append "percpu_alloc=page" Kernel output: [ 0.000000] Booting Linux on hartid 0 [ 0.000000] Linux version 6.16.0-rc1 (dram@sakuya) (riscv64-unknown-linux-gnu-gcc (GCC) 14.2.1 20250322, GNU ld (GNU Binutils) 2.44) #11 SMP Tue Jun 24 14:56:22 CST 2025 ... [ 0.000000] percpu: 28 4K pages/cpu s85784 r8192 d20712 ... [ 0.083192] smp: Bringing up secondary CPUs ... [ 0.086722] ------------[ cut here ]------------ [ 0.086849] virt_to_phys used for non-linear address: (____ptrval____) (0xff2000000001d080) [ 0.088001] WARNING: CPU: 0 PID: 1 at arch/riscv/mm/physaddr.c:14 __virt_to_phys+0xae/0xe8 [ 0.088376] Modules linked in: [ 0.088656] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.16.0-rc1 #11 NONE [ 0.088833] Hardware name: riscv-virtio,qemu (DT) [ 0.088948] epc : __virt_to_phys+0xae/0xe8 [ 0.089001] ra : __virt_to_phys+0xae/0xe8 [ 0.089037] epc : ffffffff80021eaa ra : ffffffff80021eaa sp : ff2000000004bbc0 [ 0.089057] gp : ffffffff817f49c0 tp : ff60000001d60000 t0 : 5f6f745f74726976 [ 0.089076] t1 : 0000000000000076 t2 : 705f6f745f747269 s0 : ff2000000004bbe0 [ 0.089095] s1 : ff2000000001d080 a0 : 0000000000000000 a1 : 0000000000000000 [ 0.089113] a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000 [ 0.089131] a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000000000000 [ 0.089155] s2 : ffffffff8130dc00 s3 : 0000000000000001 s4 : 0000000000000001 [ 0.089174] s5 : ffffffff8185eff8 s6 : ff2000007f1eb000 s7 : ffffffff8002a2ec [ 0.089193] s8 : 0000000000000001 s9 : 0000000000000001 s10: 0000000000000000 [ 0.089211] s11: 0000000000000000 t3 : ffffffff8180a9f7 t4 : ffffffff8180a9f7 [ 0.089960] t5 : ffffffff8180a9f8 t6 : ff2000000004b9d8 [ 0.089984] status: 0000000200000120 badaddr: ffffffff80021eaa cause: 0000000000000003 [ 0.090101] [<ffffffff80021eaa>] __virt_to_phys+0xae/0xe8 [ 0.090228] [<ffffffff8001d796>] sbi_cpu_start+0x6e/0xe8 [ 0.090247] [<ffffffff8001a5da>] __cpu_up+0x1e/0x8c [ 0.090260] [<ffffffff8002a32e>] bringup_cpu+0x42/0x258 [ 0.090277] [<ffffffff8002914c>] cpuhp_invoke_callback+0xe0/0x40c [ 0.090292] [<ffffffff800294e0>] __cpuhp_invoke_callback_range+0x68/0xfc [ 0.090320] [<ffffffff8002a96a>] _cpu_up+0x11a/0x244 [ 0.090334] [<ffffffff8002aae6>] cpu_up+0x52/0x90 [ 0.090384] [<ffffffff80c09350>] bringup_nonboot_cpus+0x78/0x118 [ 0.090411] [<ffffffff80c11060>] smp_init+0x34/0xb8 [ 0.090425] [<ffffffff80c01220>] kernel_init_freeable+0x148/0x2e4 [ 0.090442] [<ffffffff80b83802>] kernel_init+0x1e/0x14c [ 0.090455] [<ffffffff800124ca>] ret_from_fork_kernel+0xe/0xf0 [ 0.090471] [<ffffffff80b8d9c2>] ret_from_fork_kernel_asm+0x16/0x18 [ 0.090560] ---[ end trace 0000000000000000 ]--- [ 1.179875] CPU1: failed to come online [ 1.190324] smp: Brought up 1 node, 1 CPU

References

►

URL

ghsa-qq4v-pr8w-v8hg

Vulnerability from github

Published

2025-07-25 15:30

Modified

2025-07-25 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

riscv: cpu_ops_sbi: Use static array for boot_data

Since commit 6b9f29b81b15 ("riscv: Enable pcpu page first chunk allocator"), if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested on boot with percpu_alloc=page.

In that case, percpu data gets put in the vmalloc area. However, sbi_hsm_hart_start() needs the physical address of a sbi_hart_boot_data, and simply assumes that __pa() would work. This causes the just started hart to immediately access an invalid address and hang.

Fortunately, struct sbi_hart_boot_data is not too large, so we can simply allocate an array for boot_data statically, putting it in the kernel image.

This fixes NUMA=y SMP boot on Sophgo SG2042.

To reproduce on QEMU: Set CONFIG_NUMA=y and CONFIG_DEBUG_VIRTUAL=y, then run with:

qemu-system-riscv64 -M virt -smp 2 -nographic \ -kernel arch/riscv/boot/Image \ -append "percpu_alloc=page"

Kernel output:

[ 0.000000] Booting Linux on hartid 0 [ 0.000000] Linux version 6.16.0-rc1 (dram@sakuya) (riscv64-unknown-linux-gnu-gcc (GCC) 14.2.1 20250322, GNU ld (GNU Binutils) 2.44) #11 SMP Tue Jun 24 14:56:22 CST 2025 ... [ 0.000000] percpu: 28 4K pages/cpu s85784 r8192 d20712 ... [ 0.083192] smp: Bringing up secondary CPUs ... [ 0.086722] ------------[ cut here ]------------ [ 0.086849] virt_to_phys used for non-linear address: (_ptrval_) (0xff2000000001d080) [ 0.088001] WARNING: CPU: 0 PID: 1 at arch/riscv/mm/physaddr.c:14 __virt_to_phys+0xae/0xe8 [ 0.088376] Modules linked in: [ 0.088656] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.16.0-rc1 #11 NONE [ 0.088833] Hardware name: riscv-virtio,qemu (DT) [ 0.088948] epc : __virt_to_phys+0xae/0xe8 [ 0.089001] ra : __virt_to_phys+0xae/0xe8 [ 0.089037] epc : ffffffff80021eaa ra : ffffffff80021eaa sp : ff2000000004bbc0 [ 0.089057] gp : ffffffff817f49c0 tp : ff60000001d60000 t0 : 5f6f745f74726976 [ 0.089076] t1 : 0000000000000076 t2 : 705f6f745f747269 s0 : ff2000000004bbe0 [ 0.089095] s1 : ff2000000001d080 a0 : 0000000000000000 a1 : 0000000000000000 [ 0.089113] a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000 [ 0.089131] a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000000000000 [ 0.089155] s2 : ffffffff8130dc00 s3 : 0000000000000001 s4 : 0000000000000001 [ 0.089174] s5 : ffffffff8185eff8 s6 : ff2000007f1eb000 s7 : ffffffff8002a2ec [ 0.089193] s8 : 0000000000000001 s9 : 0000000000000001 s10: 0000000000000000 [ 0.089211] s11: 0000000000000000 t3 : ffffffff8180a9f7 t4 : ffffffff8180a9f7 [ 0.089960] t5 : ffffffff8180a9f8 t6 : ff2000000004b9d8 [ 0.089984] status: 0000000200000120 badaddr: ffffffff80021eaa cause: 0000000000000003 [ 0.090101] [] __virt_to_phys+0xae/0xe8 [ 0.090228] [] sbi_cpu_start+0x6e/0xe8 [ 0.090247] [] __cpu_up+0x1e/0x8c [ 0.090260] [] bringup_cpu+0x42/0x258 [ 0.090277] [] cpuhp_invoke_callback+0xe0/0x40c [ 0.090292] [] __cpuhp_invoke_callback_range+0x68/0xfc [ 0.090320] [] _cpu_up+0x11a/0x244 [ 0.090334] [] cpu_up+0x52/0x90 [ 0.090384] [] bringup_nonboot_cpus+0x78/0x118 [ 0.090411] [] smp_init+0x34/0xb8 [ 0.090425] [] kernel_init_freeable+0x148/0x2e4 [ 0.090442] [] kernel_init+0x1e/0x14c [ 0.090455] [] ret_from_fork_kernel+0xe/0xf0 [ 0.090471] [] ret_from_fork_kernel_asm+0x16/0x18 [ 0.090560] ---[ end trace 0000000000000000 ]--- [ 1.179875] CPU1: failed to come online [ 1.190324] smp: Brought up 1 node, 1 CPU

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-38407"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-25T14:15:32Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: cpu_ops_sbi: Use static array for boot_data\n\nSince commit 6b9f29b81b15 (\"riscv: Enable pcpu page first chunk\nallocator\"), if NUMA is enabled, the page percpu allocator may be used\non very sparse configurations, or when requested on boot with\npercpu_alloc=page.\n\nIn that case, percpu data gets put in the vmalloc area. However,\nsbi_hsm_hart_start() needs the physical address of a sbi_hart_boot_data,\nand simply assumes that __pa() would work. This causes the just started\nhart to immediately access an invalid address and hang.\n\nFortunately, struct sbi_hart_boot_data is not too large, so we can\nsimply allocate an array for boot_data statically, putting it in the\nkernel image.\n\nThis fixes NUMA=y SMP boot on Sophgo SG2042.\n\nTo reproduce on QEMU: Set CONFIG_NUMA=y and CONFIG_DEBUG_VIRTUAL=y, then\nrun with:\n\n  qemu-system-riscv64 -M virt -smp 2 -nographic \\\n    -kernel arch/riscv/boot/Image \\\n    -append \"percpu_alloc=page\"\n\nKernel output:\n\n[    0.000000] Booting Linux on hartid 0\n[    0.000000] Linux version 6.16.0-rc1 (dram@sakuya) (riscv64-unknown-linux-gnu-gcc (GCC) 14.2.1 20250322, GNU ld (GNU Binutils) 2.44) #11 SMP Tue Jun 24 14:56:22 CST 2025\n...\n[    0.000000] percpu: 28 4K pages/cpu s85784 r8192 d20712\n...\n[    0.083192] smp: Bringing up secondary CPUs ...\n[    0.086722] ------------[ cut here ]------------\n[    0.086849] virt_to_phys used for non-linear address: (____ptrval____) (0xff2000000001d080)\n[    0.088001] WARNING: CPU: 0 PID: 1 at arch/riscv/mm/physaddr.c:14 __virt_to_phys+0xae/0xe8\n[    0.088376] Modules linked in:\n[    0.088656] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.16.0-rc1 #11 NONE\n[    0.088833] Hardware name: riscv-virtio,qemu (DT)\n[    0.088948] epc : __virt_to_phys+0xae/0xe8\n[    0.089001]  ra : __virt_to_phys+0xae/0xe8\n[    0.089037] epc : ffffffff80021eaa ra : ffffffff80021eaa sp : ff2000000004bbc0\n[    0.089057]  gp : ffffffff817f49c0 tp : ff60000001d60000 t0 : 5f6f745f74726976\n[    0.089076]  t1 : 0000000000000076 t2 : 705f6f745f747269 s0 : ff2000000004bbe0\n[    0.089095]  s1 : ff2000000001d080 a0 : 0000000000000000 a1 : 0000000000000000\n[    0.089113]  a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000\n[    0.089131]  a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000000000000\n[    0.089155]  s2 : ffffffff8130dc00 s3 : 0000000000000001 s4 : 0000000000000001\n[    0.089174]  s5 : ffffffff8185eff8 s6 : ff2000007f1eb000 s7 : ffffffff8002a2ec\n[    0.089193]  s8 : 0000000000000001 s9 : 0000000000000001 s10: 0000000000000000\n[    0.089211]  s11: 0000000000000000 t3 : ffffffff8180a9f7 t4 : ffffffff8180a9f7\n[    0.089960]  t5 : ffffffff8180a9f8 t6 : ff2000000004b9d8\n[    0.089984] status: 0000000200000120 badaddr: ffffffff80021eaa cause: 0000000000000003\n[    0.090101] [\u003cffffffff80021eaa\u003e] __virt_to_phys+0xae/0xe8\n[    0.090228] [\u003cffffffff8001d796\u003e] sbi_cpu_start+0x6e/0xe8\n[    0.090247] [\u003cffffffff8001a5da\u003e] __cpu_up+0x1e/0x8c\n[    0.090260] [\u003cffffffff8002a32e\u003e] bringup_cpu+0x42/0x258\n[    0.090277] [\u003cffffffff8002914c\u003e] cpuhp_invoke_callback+0xe0/0x40c\n[    0.090292] [\u003cffffffff800294e0\u003e] __cpuhp_invoke_callback_range+0x68/0xfc\n[    0.090320] [\u003cffffffff8002a96a\u003e] _cpu_up+0x11a/0x244\n[    0.090334] [\u003cffffffff8002aae6\u003e] cpu_up+0x52/0x90\n[    0.090384] [\u003cffffffff80c09350\u003e] bringup_nonboot_cpus+0x78/0x118\n[    0.090411] [\u003cffffffff80c11060\u003e] smp_init+0x34/0xb8\n[    0.090425] [\u003cffffffff80c01220\u003e] kernel_init_freeable+0x148/0x2e4\n[    0.090442] [\u003cffffffff80b83802\u003e] kernel_init+0x1e/0x14c\n[    0.090455] [\u003cffffffff800124ca\u003e] ret_from_fork_kernel+0xe/0xf0\n[    0.090471] [\u003cffffffff80b8d9c2\u003e] ret_from_fork_kernel_asm+0x16/0x18\n[    0.090560] ---[ end trace 0000000000000000 ]---\n[    1.179875] CPU1: failed to come online\n[    1.190324] smp: Brought up 1 node, 1 CPU",
  "id": "GHSA-qq4v-pr8w-v8hg",
  "modified": "2025-07-25T15:30:53Z",
  "published": "2025-07-25T15:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38407"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02c725cd55eb5052b88eeaa3f60a391ef4dcaec5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2b29be967ae456fc09c320d91d52278cf721be1e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f5fe094f35a37adea40b2fd52c99bb1333be9b07"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2025-38407

Vulnerability from fkie_nvd

Published

2025-07-25 14:15

Modified

2025-07-25 15:29

Severity ?

Summary

References

▶	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/02c725cd55eb5052b88eeaa3f60a391ef4dcaec5
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/2b29be967ae456fc09c320d91d52278cf721be1e
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/f5fe094f35a37adea40b2fd52c99bb1333be9b07

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: cpu_ops_sbi: Use static array for boot_data\n\nSince commit 6b9f29b81b15 (\"riscv: Enable pcpu page first chunk\nallocator\"), if NUMA is enabled, the page percpu allocator may be used\non very sparse configurations, or when requested on boot with\npercpu_alloc=page.\n\nIn that case, percpu data gets put in the vmalloc area. However,\nsbi_hsm_hart_start() needs the physical address of a sbi_hart_boot_data,\nand simply assumes that __pa() would work. This causes the just started\nhart to immediately access an invalid address and hang.\n\nFortunately, struct sbi_hart_boot_data is not too large, so we can\nsimply allocate an array for boot_data statically, putting it in the\nkernel image.\n\nThis fixes NUMA=y SMP boot on Sophgo SG2042.\n\nTo reproduce on QEMU: Set CONFIG_NUMA=y and CONFIG_DEBUG_VIRTUAL=y, then\nrun with:\n\n  qemu-system-riscv64 -M virt -smp 2 -nographic \\\n    -kernel arch/riscv/boot/Image \\\n    -append \"percpu_alloc=page\"\n\nKernel output:\n\n[    0.000000] Booting Linux on hartid 0\n[    0.000000] Linux version 6.16.0-rc1 (dram@sakuya) (riscv64-unknown-linux-gnu-gcc (GCC) 14.2.1 20250322, GNU ld (GNU Binutils) 2.44) #11 SMP Tue Jun 24 14:56:22 CST 2025\n...\n[    0.000000] percpu: 28 4K pages/cpu s85784 r8192 d20712\n...\n[    0.083192] smp: Bringing up secondary CPUs ...\n[    0.086722] ------------[ cut here ]------------\n[    0.086849] virt_to_phys used for non-linear address: (____ptrval____) (0xff2000000001d080)\n[    0.088001] WARNING: CPU: 0 PID: 1 at arch/riscv/mm/physaddr.c:14 __virt_to_phys+0xae/0xe8\n[    0.088376] Modules linked in:\n[    0.088656] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.16.0-rc1 #11 NONE\n[    0.088833] Hardware name: riscv-virtio,qemu (DT)\n[    0.088948] epc : __virt_to_phys+0xae/0xe8\n[    0.089001]  ra : __virt_to_phys+0xae/0xe8\n[    0.089037] epc : ffffffff80021eaa ra : ffffffff80021eaa sp : ff2000000004bbc0\n[    0.089057]  gp : ffffffff817f49c0 tp : ff60000001d60000 t0 : 5f6f745f74726976\n[    0.089076]  t1 : 0000000000000076 t2 : 705f6f745f747269 s0 : ff2000000004bbe0\n[    0.089095]  s1 : ff2000000001d080 a0 : 0000000000000000 a1 : 0000000000000000\n[    0.089113]  a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000\n[    0.089131]  a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000000000000\n[    0.089155]  s2 : ffffffff8130dc00 s3 : 0000000000000001 s4 : 0000000000000001\n[    0.089174]  s5 : ffffffff8185eff8 s6 : ff2000007f1eb000 s7 : ffffffff8002a2ec\n[    0.089193]  s8 : 0000000000000001 s9 : 0000000000000001 s10: 0000000000000000\n[    0.089211]  s11: 0000000000000000 t3 : ffffffff8180a9f7 t4 : ffffffff8180a9f7\n[    0.089960]  t5 : ffffffff8180a9f8 t6 : ff2000000004b9d8\n[    0.089984] status: 0000000200000120 badaddr: ffffffff80021eaa cause: 0000000000000003\n[    0.090101] [\u003cffffffff80021eaa\u003e] __virt_to_phys+0xae/0xe8\n[    0.090228] [\u003cffffffff8001d796\u003e] sbi_cpu_start+0x6e/0xe8\n[    0.090247] [\u003cffffffff8001a5da\u003e] __cpu_up+0x1e/0x8c\n[    0.090260] [\u003cffffffff8002a32e\u003e] bringup_cpu+0x42/0x258\n[    0.090277] [\u003cffffffff8002914c\u003e] cpuhp_invoke_callback+0xe0/0x40c\n[    0.090292] [\u003cffffffff800294e0\u003e] __cpuhp_invoke_callback_range+0x68/0xfc\n[    0.090320] [\u003cffffffff8002a96a\u003e] _cpu_up+0x11a/0x244\n[    0.090334] [\u003cffffffff8002aae6\u003e] cpu_up+0x52/0x90\n[    0.090384] [\u003cffffffff80c09350\u003e] bringup_nonboot_cpus+0x78/0x118\n[    0.090411] [\u003cffffffff80c11060\u003e] smp_init+0x34/0xb8\n[    0.090425] [\u003cffffffff80c01220\u003e] kernel_init_freeable+0x148/0x2e4\n[    0.090442] [\u003cffffffff80b83802\u003e] kernel_init+0x1e/0x14c\n[    0.090455] [\u003cffffffff800124ca\u003e] ret_from_fork_kernel+0xe/0xf0\n[    0.090471] [\u003cffffffff80b8d9c2\u003e] ret_from_fork_kernel_asm+0x16/0x18\n[    0.090560] ---[ end trace 0000000000000000 ]---\n[    1.179875] CPU1: failed to come online\n[    1.190324] smp: Brought up 1 node, 1 CPU"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: cpu_ops_sbi: Usar una matriz est\u00e1tica para boot_data. Desde el commit 6b9f29b81b15 (\"riscv: Habilitar el asignador de primer fragmento de p\u00e1gina pcpu\"), si NUMA est\u00e1 habilitado, el asignador de p\u00e1ginas por CPU puede usarse en configuraciones muy dispersas o cuando se solicita al arrancar con percpu_alloc=page. En ese caso, los datos por CPU se colocan en el \u00e1rea vmalloc. Sin embargo, sbi_hsm_hart_start() necesita la direcci\u00f3n f\u00edsica de sbi_hart_boot_data y simplemente asume que __pa() funcionar\u00eda. Esto provoca que el hart reci\u00e9n iniciado acceda inmediatamente a una direcci\u00f3n no v\u00e1lida y se cuelgue. Afortunadamente, la estructura sbi_hart_boot_data no es demasiado grande, por lo que podemos asignar una matriz est\u00e1ticamente para boot_data, coloc\u00e1ndola en la imagen del kernel. Esto soluciona el problema del arranque SMP con NUMA=y en Sophgo SG2042. Para reproducir en QEMU: Establezca CONFIG_NUMA=y y CONFIG_DEBUG_VIRTUAL=y, luego ejecute con: qemu-system-riscv64 -M virt -smp 2 -nographic \\ -kernel arch/riscv/boot/Image \\ -append \"percpu_alloc=page\" Salida del kernel: [ 0.000000] Booting Linux on hartid 0 [ 0.000000] Linux version 6.16.0-rc1 (dram@sakuya) (riscv64-unknown-linux-gnu-gcc (GCC) 14.2.1 20250322, GNU ld (GNU Binutils) 2.44) #11 SMP Tue Jun 24 14:56:22 CST 2025 ... [ 0.000000] percpu: 28 4K pages/cpu s85784 r8192 d20712 ... [ 0.083192] smp: Bringing up secondary CPUs ... [ 0.086722] ------------[ cut here ]------------ [ 0.086849] virt_to_phys used for non-linear address: (____ptrval____) (0xff2000000001d080) [ 0.088001] WARNING: CPU: 0 PID: 1 at arch/riscv/mm/physaddr.c:14 __virt_to_phys+0xae/0xe8 [ 0.088376] Modules linked in: [ 0.088656] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.16.0-rc1 #11 NONE [ 0.088833] Hardware name: riscv-virtio,qemu (DT) [ 0.088948] epc : __virt_to_phys+0xae/0xe8 [ 0.089001] ra : __virt_to_phys+0xae/0xe8 [ 0.089037] epc : ffffffff80021eaa ra : ffffffff80021eaa sp : ff2000000004bbc0 [ 0.089057] gp : ffffffff817f49c0 tp : ff60000001d60000 t0 : 5f6f745f74726976 [ 0.089076] t1 : 0000000000000076 t2 : 705f6f745f747269 s0 : ff2000000004bbe0 [ 0.089095] s1 : ff2000000001d080 a0 : 0000000000000000 a1 : 0000000000000000 [ 0.089113] a2 : 0000000000000000 a3 : 0000000000000000 a4 : 0000000000000000 [ 0.089131] a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000000000000 [ 0.089155] s2 : ffffffff8130dc00 s3 : 0000000000000001 s4 : 0000000000000001 [ 0.089174] s5 : ffffffff8185eff8 s6 : ff2000007f1eb000 s7 : ffffffff8002a2ec [ 0.089193] s8 : 0000000000000001 s9 : 0000000000000001 s10: 0000000000000000 [ 0.089211] s11: 0000000000000000 t3 : ffffffff8180a9f7 t4 : ffffffff8180a9f7 [ 0.089960] t5 : ffffffff8180a9f8 t6 : ff2000000004b9d8 [ 0.089984] status: 0000000200000120 badaddr: ffffffff80021eaa cause: 0000000000000003 [ 0.090101] [] __virt_to_phys+0xae/0xe8 [ 0.090228] [] sbi_cpu_start+0x6e/0xe8 [ 0.090247] [] __cpu_up+0x1e/0x8c [ 0.090260] [] bringup_cpu+0x42/0x258 [ 0.090277] [] cpuhp_invoke_callback+0xe0/0x40c [ 0.090292] [] __cpuhp_invoke_callback_range+0x68/0xfc [ 0.090320] [] _cpu_up+0x11a/0x244 [ 0.090334] [] cpu_up+0x52/0x90 [ 0.090384] [] bringup_nonboot_cpus+0x78/0x118 [ 0.090411] [] smp_init+0x34/0xb8 [ 0.090425] [] kernel_init_freeable+0x148/0x2e4 [ 0.090442] [] kernel_init+0x1e/0x14c [ 0.090455] [] ret_from_fork_kernel+0xe/0xf0 [ 0.090471] [] ret_from_fork_kernel_asm+0x16/0x18 [ 0.090560] ---[ end trace 0000000000000000 ]--- [ 1.179875] CPU1: failed to come online [ 1.190324] smp: Brought up 1 node, 1 CPU"
    }
  ],
  "id": "CVE-2025-38407",
  "lastModified": "2025-07-25T15:29:19.837",
  "metrics": {},
  "published": "2025-07-25T14:15:32.317",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/02c725cd55eb5052b88eeaa3f60a391ef4dcaec5"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2b29be967ae456fc09c320d91d52278cf721be1e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/f5fe094f35a37adea40b2fd52c99bb1333be9b07"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

wid-sec-w-2025-1653

Vulnerability from csaf_certbund

Published

2025-07-27 22:00

Modified

2025-08-12 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder andere nicht spezifizierte Angriffe durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder andere nicht spezifizierte Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1653 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1653.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1653 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1653"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38353",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072553-CVE-2025-38353-a9eb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38354",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38354-bdcd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38355",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38355-2855@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38356",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38356-286a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38357",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38357-8b0a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38358",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38358-8d7f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38359",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38359-8cda@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38360",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38360-1f17@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38361",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38361-3f11@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38362",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38362-8922@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38363",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072557-CVE-2025-38363-122c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38364",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38364-74db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38365",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38365-0519@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38366",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38366-26b8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38367",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072558-CVE-2025-38367-df91@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38368",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072559-CVE-2025-38368-e561@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38369",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072559-CVE-2025-38369-6ddf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38370",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38370-857d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38371",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38371-ff41@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38372",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38372-6659@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38373",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38373-b6fa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38374",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38374-52a8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38375",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38375-3faa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38376",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38376-e290@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38377",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38377-a0c0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38378",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38378-4e10@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38379",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38379-97db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38380",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38380-d1a9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38381",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38381-b27a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38382",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38382-c4f2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38383",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38383-c967@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38384",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38384-391e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38385",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38385-936c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38386",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38386-0a8a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38387",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38387-f9d4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38388",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38388-402a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38389",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38389-b1f4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38390",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38390-7d67@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38391",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38391-0064@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38392",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38392-17a6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38393",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38393-f2e8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38394",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38394-f005@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38395",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38395-3a19@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38396",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38396-92a5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38397",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38397-d375@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38398",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38398-1271@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38399",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38399-00ec@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38400",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38400-a0d2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38401",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38401-789b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38402",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38402-e08c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38403",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38403-0da0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38404",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38404-f719@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38405",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38405-014e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38406",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072533-CVE-2025-38406-5f5c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38407",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072520-CVE-2025-38407-98b5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38408",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072520-CVE-2025-38408-29e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38409",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072520-CVE-2025-38409-cee4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38410",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38410-e0e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38411",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38411-0ca7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38412",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38412-2ccc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38413",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072521-CVE-2025-38413-d64f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38414",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38414-8302@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38415",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072513-CVE-2025-38415-c634@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38416",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38416-e4bb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38417",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072546-CVE-2025-38417-12d4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38418",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072546-CVE-2025-38418-7af0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38419",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072546-CVE-2025-38419-c07e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38420",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072552-CVE-2025-38420-13a5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38421",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072554-CVE-2025-38421-8601@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38422",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072554-CVE-2025-38422-5d9b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38423",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072554-CVE-2025-38423-171a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38424",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38424-500e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38425",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38425-d34f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38426",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38426-718c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38427",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072555-CVE-2025-38427-6e37@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38428",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38428-8b33@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38429",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38429-f662@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38430",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072556-CVE-2025-38430-dafd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38431",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072537-CVE-2025-38431-9bb6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38432",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072516-CVE-2025-38432-ce36@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38433",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38433-6d14@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38434",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38434-ecdf@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38435",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38435-ffc0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38436",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072512-CVE-2025-38436-8cb6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38437",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072559-CVE-2025-38437-9752@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38438",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072501-CVE-2025-38438-f653@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38439",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072501-CVE-2025-38439-3f3b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38440",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072501-CVE-2025-38440-cb71@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38441",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38441-bb71@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38442",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38442-2844@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38443",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38443-419c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38444",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38444-4b60@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38445",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38445-7295@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38446",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38446-492b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38447",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072503-CVE-2025-38447-5233@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38448",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38448-f242@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38449",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38449-cbf0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38450",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38450-a59f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38451",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38451-ee66@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38452",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38452-d9d1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38453",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38453-69b1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38454",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38454-8908@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38455",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38455-9331@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38456",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38456-3c0a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38457",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38457-d302@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38458",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072506-CVE-2025-38458-d999@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38459",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38459-e941@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38460",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38460-40fb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38461",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38461-33b1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38462",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38462-3e15@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38463",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38463-f4a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38464",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38464-44a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38465",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38465-28ad@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38466",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072508-CVE-2025-38466-11e8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-38467",
        "url": "https://lore.kernel.org/linux-cve-announce/2025072509-CVE-2025-38467-eb0c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13776 vom 2025-08-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:13776"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5973 vom 2025-08-12",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00137.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-12T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-13T06:22:42.834+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1653",
      "initial_release_date": "2025-07-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat und Debian aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T008144",
              "product_identification_helper": {
                "cpe": "cpe:/a:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38353",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38353"
    },
    {
      "cve": "CVE-2025-38354",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38354"
    },
    {
      "cve": "CVE-2025-38355",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38355"
    },
    {
      "cve": "CVE-2025-38356",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38356"
    },
    {
      "cve": "CVE-2025-38357",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38357"
    },
    {
      "cve": "CVE-2025-38358",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38358"
    },
    {
      "cve": "CVE-2025-38359",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38359"
    },
    {
      "cve": "CVE-2025-38360",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38360"
    },
    {
      "cve": "CVE-2025-38361",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38361"
    },
    {
      "cve": "CVE-2025-38362",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38362"
    },
    {
      "cve": "CVE-2025-38363",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38363"
    },
    {
      "cve": "CVE-2025-38364",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38364"
    },
    {
      "cve": "CVE-2025-38365",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38365"
    },
    {
      "cve": "CVE-2025-38366",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38366"
    },
    {
      "cve": "CVE-2025-38367",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38367"
    },
    {
      "cve": "CVE-2025-38368",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38368"
    },
    {
      "cve": "CVE-2025-38369",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38369"
    },
    {
      "cve": "CVE-2025-38370",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38370"
    },
    {
      "cve": "CVE-2025-38371",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38371"
    },
    {
      "cve": "CVE-2025-38372",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38372"
    },
    {
      "cve": "CVE-2025-38373",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38373"
    },
    {
      "cve": "CVE-2025-38374",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38374"
    },
    {
      "cve": "CVE-2025-38375",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38375"
    },
    {
      "cve": "CVE-2025-38376",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38376"
    },
    {
      "cve": "CVE-2025-38377",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38377"
    },
    {
      "cve": "CVE-2025-38378",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38378"
    },
    {
      "cve": "CVE-2025-38379",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38379"
    },
    {
      "cve": "CVE-2025-38380",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38380"
    },
    {
      "cve": "CVE-2025-38381",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38381"
    },
    {
      "cve": "CVE-2025-38382",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38382"
    },
    {
      "cve": "CVE-2025-38383",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38383"
    },
    {
      "cve": "CVE-2025-38384",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38384"
    },
    {
      "cve": "CVE-2025-38385",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38385"
    },
    {
      "cve": "CVE-2025-38386",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38386"
    },
    {
      "cve": "CVE-2025-38387",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38387"
    },
    {
      "cve": "CVE-2025-38388",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38388"
    },
    {
      "cve": "CVE-2025-38389",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38389"
    },
    {
      "cve": "CVE-2025-38390",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38390"
    },
    {
      "cve": "CVE-2025-38391",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38391"
    },
    {
      "cve": "CVE-2025-38392",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38392"
    },
    {
      "cve": "CVE-2025-38393",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38393"
    },
    {
      "cve": "CVE-2025-38394",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38394"
    },
    {
      "cve": "CVE-2025-38395",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38395"
    },
    {
      "cve": "CVE-2025-38396",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38396"
    },
    {
      "cve": "CVE-2025-38397",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38397"
    },
    {
      "cve": "CVE-2025-38398",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38398"
    },
    {
      "cve": "CVE-2025-38399",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38399"
    },
    {
      "cve": "CVE-2025-38400",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38400"
    },
    {
      "cve": "CVE-2025-38401",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38401"
    },
    {
      "cve": "CVE-2025-38402",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38402"
    },
    {
      "cve": "CVE-2025-38403",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38403"
    },
    {
      "cve": "CVE-2025-38404",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38404"
    },
    {
      "cve": "CVE-2025-38405",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38405"
    },
    {
      "cve": "CVE-2025-38406",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38406"
    },
    {
      "cve": "CVE-2025-38407",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38407"
    },
    {
      "cve": "CVE-2025-38408",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38408"
    },
    {
      "cve": "CVE-2025-38409",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38409"
    },
    {
      "cve": "CVE-2025-38410",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38410"
    },
    {
      "cve": "CVE-2025-38411",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38411"
    },
    {
      "cve": "CVE-2025-38412",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38412"
    },
    {
      "cve": "CVE-2025-38413",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38413"
    },
    {
      "cve": "CVE-2025-38414",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38414"
    },
    {
      "cve": "CVE-2025-38415",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38415"
    },
    {
      "cve": "CVE-2025-38416",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38416"
    },
    {
      "cve": "CVE-2025-38417",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38417"
    },
    {
      "cve": "CVE-2025-38418",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38418"
    },
    {
      "cve": "CVE-2025-38419",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38419"
    },
    {
      "cve": "CVE-2025-38420",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38420"
    },
    {
      "cve": "CVE-2025-38421",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38421"
    },
    {
      "cve": "CVE-2025-38422",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38422"
    },
    {
      "cve": "CVE-2025-38423",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38423"
    },
    {
      "cve": "CVE-2025-38424",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38424"
    },
    {
      "cve": "CVE-2025-38425",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38425"
    },
    {
      "cve": "CVE-2025-38426",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38426"
    },
    {
      "cve": "CVE-2025-38427",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38427"
    },
    {
      "cve": "CVE-2025-38428",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38428"
    },
    {
      "cve": "CVE-2025-38429",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38429"
    },
    {
      "cve": "CVE-2025-38430",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38430"
    },
    {
      "cve": "CVE-2025-38431",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38431"
    },
    {
      "cve": "CVE-2025-38432",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38432"
    },
    {
      "cve": "CVE-2025-38433",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38433"
    },
    {
      "cve": "CVE-2025-38434",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38434"
    },
    {
      "cve": "CVE-2025-38435",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38435"
    },
    {
      "cve": "CVE-2025-38436",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38436"
    },
    {
      "cve": "CVE-2025-38437",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38437"
    },
    {
      "cve": "CVE-2025-38438",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38438"
    },
    {
      "cve": "CVE-2025-38439",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38439"
    },
    {
      "cve": "CVE-2025-38440",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38440"
    },
    {
      "cve": "CVE-2025-38441",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38441"
    },
    {
      "cve": "CVE-2025-38442",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38442"
    },
    {
      "cve": "CVE-2025-38443",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38443"
    },
    {
      "cve": "CVE-2025-38444",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38444"
    },
    {
      "cve": "CVE-2025-38445",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38445"
    },
    {
      "cve": "CVE-2025-38446",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38446"
    },
    {
      "cve": "CVE-2025-38447",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38447"
    },
    {
      "cve": "CVE-2025-38448",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38448"
    },
    {
      "cve": "CVE-2025-38449",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38449"
    },
    {
      "cve": "CVE-2025-38450",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38450"
    },
    {
      "cve": "CVE-2025-38451",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38451"
    },
    {
      "cve": "CVE-2025-38452",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38452"
    },
    {
      "cve": "CVE-2025-38453",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38453"
    },
    {
      "cve": "CVE-2025-38454",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38454"
    },
    {
      "cve": "CVE-2025-38455",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38455"
    },
    {
      "cve": "CVE-2025-38456",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38456"
    },
    {
      "cve": "CVE-2025-38457",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38457"
    },
    {
      "cve": "CVE-2025-38458",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38458"
    },
    {
      "cve": "CVE-2025-38459",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38459"
    },
    {
      "cve": "CVE-2025-38460",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38460"
    },
    {
      "cve": "CVE-2025-38461",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38461"
    },
    {
      "cve": "CVE-2025-38462",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38462"
    },
    {
      "cve": "CVE-2025-38463",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38463"
    },
    {
      "cve": "CVE-2025-38464",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38464"
    },
    {
      "cve": "CVE-2025-38465",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38465"
    },
    {
      "cve": "CVE-2025-38466",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38466"
    },
    {
      "cve": "CVE-2025-38467",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T008144"
        ]
      },
      "release_date": "2025-07-27T22:00:00.000+00:00",
      "title": "CVE-2025-38467"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-38407 (GCVE-0-2025-38407)

Vulnerability from cvelistv5

ghsa-qq4v-pr8w-v8hg

Vulnerability from github

fkie_cve-2025-38407

Vulnerability from fkie_nvd

wid-sec-w-2025-1653

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature