Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-49788 (GCVE-0-2022-49788)
Vulnerability from cvelistv5 – Published: 2025-05-01 14:09 – Updated: 2026-05-11 19:06
VLAI
EPSS
Title
misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
Summary
In the Linux kernel, the following vulnerability has been resolved:
misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
`struct vmci_event_qp` allocated by qp_notify_peer() contains padding,
which may carry uninitialized data to the userspace, as observed by
KMSAN:
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121
instrument_copy_to_user ./include/linux/instrumented.h:121
_copy_to_user+0x5f/0xb0 lib/usercopy.c:33
copy_to_user ./include/linux/uaccess.h:169
vmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431
vmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925
vfs_ioctl fs/ioctl.c:51
...
Uninit was stored to memory at:
kmemdup+0x74/0xb0 mm/util.c:131
dg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271
vmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339
qp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479
qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662
qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750
vmci_qp_broker_alloc+0x96/0xd0 drivers/misc/vmw_vmci/vmci_queue_pair.c:1940
vmci_host_do_alloc_queuepair drivers/misc/vmw_vmci/vmci_host.c:488
vmci_host_unlocked_ioctl+0x24fd/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:927
...
Local variable ev created at:
qp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456
qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662
qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750
Bytes 28-31 of 48 are uninitialized
Memory access of size 48 starts at ffff888035155e00
Data copied to user address 0000000020000100
Use memset() to prevent the infoleaks.
Also speculatively fix qp_notify_peer_local(), which may suffer from the
same problem.
Severity
5.5 (Medium)
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
06164d2b72aa752ce4633184b3e0d97601017135 , < 7ccf7229b96fadc3a185d1391f814a604c7ef609
(git)
Affected: 06164d2b72aa752ce4633184b3e0d97601017135 , < f04586c2315cfd03d72ad0395705435e7ed07b1a (git) Affected: 06164d2b72aa752ce4633184b3e0d97601017135 , < 5a275528025ae4bc7e2232866856dfebf84b2fad (git) Affected: 06164d2b72aa752ce4633184b3e0d97601017135 , < e7061dd1fef2dfb6458cd521aef27aa66f510d31 (git) Affected: 06164d2b72aa752ce4633184b3e0d97601017135 , < 62634b43d3c4e1bf62fd540196f7081bf0885c0a (git) Affected: 06164d2b72aa752ce4633184b3e0d97601017135 , < 8e2f33c598370bcf828bab4d667d1d38bcd3c57d (git) Affected: 06164d2b72aa752ce4633184b3e0d97601017135 , < 76c50d77b928a33e5290aaa9fdc10e88254ff8c7 (git) Affected: 06164d2b72aa752ce4633184b3e0d97601017135 , < e5b0d06d9b10f5f43101bd6598b076c347f9295f (git) |
|
| Linux | Linux |
Affected:
3.9
Unaffected: 0 , < 3.9 (semver) Unaffected: 4.9.334 , ≤ 4.9.* (semver) Unaffected: 4.14.300 , ≤ 4.14.* (semver) Unaffected: 4.19.267 , ≤ 4.19.* (semver) Unaffected: 5.4.225 , ≤ 5.4.* (semver) Unaffected: 5.10.156 , ≤ 5.10.* (semver) Unaffected: 5.15.80 , ≤ 5.15.* (semver) Unaffected: 6.0.10 , ≤ 6.0.* (semver) Unaffected: 6.1 , ≤ * (original_commit_for_fix) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/misc/vmw_vmci/vmci_queue_pair.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7ccf7229b96fadc3a185d1391f814a604c7ef609",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
},
{
"lessThan": "f04586c2315cfd03d72ad0395705435e7ed07b1a",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
},
{
"lessThan": "5a275528025ae4bc7e2232866856dfebf84b2fad",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
},
{
"lessThan": "e7061dd1fef2dfb6458cd521aef27aa66f510d31",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
},
{
"lessThan": "62634b43d3c4e1bf62fd540196f7081bf0885c0a",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
},
{
"lessThan": "8e2f33c598370bcf828bab4d667d1d38bcd3c57d",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
},
{
"lessThan": "76c50d77b928a33e5290aaa9fdc10e88254ff8c7",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
},
{
"lessThan": "e5b0d06d9b10f5f43101bd6598b076c347f9295f",
"status": "affected",
"version": "06164d2b72aa752ce4633184b3e0d97601017135",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/misc/vmw_vmci/vmci_queue_pair.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.9"
},
{
"lessThan": "3.9",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.334",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.300",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.267",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.225",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.156",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.80",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"version": "6.0.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.334",
"versionStartIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.300",
"versionStartIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.267",
"versionStartIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.225",
"versionStartIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.156",
"versionStartIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.80",
"versionStartIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.10",
"versionStartIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1",
"versionStartIncluding": "3.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()\n\n`struct vmci_event_qp` allocated by qp_notify_peer() contains padding,\nwhich may carry uninitialized data to the userspace, as observed by\nKMSAN:\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121\n instrument_copy_to_user ./include/linux/instrumented.h:121\n _copy_to_user+0x5f/0xb0 lib/usercopy.c:33\n copy_to_user ./include/linux/uaccess.h:169\n vmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431\n vmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925\n vfs_ioctl fs/ioctl.c:51\n ...\n\n Uninit was stored to memory at:\n kmemdup+0x74/0xb0 mm/util.c:131\n dg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271\n vmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339\n qp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\n vmci_qp_broker_alloc+0x96/0xd0 drivers/misc/vmw_vmci/vmci_queue_pair.c:1940\n vmci_host_do_alloc_queuepair drivers/misc/vmw_vmci/vmci_host.c:488\n vmci_host_unlocked_ioctl+0x24fd/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:927\n ...\n\n Local variable ev created at:\n qp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\n\n Bytes 28-31 of 48 are uninitialized\n Memory access of size 48 starts at ffff888035155e00\n Data copied to user address 0000000020000100\n\nUse memset() to prevent the infoleaks.\n\nAlso speculatively fix qp_notify_peer_local(), which may suffer from the\nsame problem."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T19:06:47.654Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7ccf7229b96fadc3a185d1391f814a604c7ef609"
},
{
"url": "https://git.kernel.org/stable/c/f04586c2315cfd03d72ad0395705435e7ed07b1a"
},
{
"url": "https://git.kernel.org/stable/c/5a275528025ae4bc7e2232866856dfebf84b2fad"
},
{
"url": "https://git.kernel.org/stable/c/e7061dd1fef2dfb6458cd521aef27aa66f510d31"
},
{
"url": "https://git.kernel.org/stable/c/62634b43d3c4e1bf62fd540196f7081bf0885c0a"
},
{
"url": "https://git.kernel.org/stable/c/8e2f33c598370bcf828bab4d667d1d38bcd3c57d"
},
{
"url": "https://git.kernel.org/stable/c/76c50d77b928a33e5290aaa9fdc10e88254ff8c7"
},
{
"url": "https://git.kernel.org/stable/c/e5b0d06d9b10f5f43101bd6598b076c347f9295f"
}
],
"title": "misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-49788",
"datePublished": "2025-05-01T14:09:20.506Z",
"dateReserved": "2025-05-01T14:05:17.223Z",
"dateUpdated": "2026-05-11T19:06:47.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-49788",
"date": "2026-06-21",
"epss": "0.0018",
"percentile": "0.07686"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-49788\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-05-01T15:16:02.027\",\"lastModified\":\"2025-11-07T19:32:44.140\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmisc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()\\n\\n`struct vmci_event_qp` allocated by qp_notify_peer() contains padding,\\nwhich may carry uninitialized data to the userspace, as observed by\\nKMSAN:\\n\\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121\\n instrument_copy_to_user ./include/linux/instrumented.h:121\\n _copy_to_user+0x5f/0xb0 lib/usercopy.c:33\\n copy_to_user ./include/linux/uaccess.h:169\\n vmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431\\n vmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925\\n vfs_ioctl fs/ioctl.c:51\\n ...\\n\\n Uninit was stored to memory at:\\n kmemdup+0x74/0xb0 mm/util.c:131\\n dg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271\\n vmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339\\n qp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479\\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\\n vmci_qp_broker_alloc+0x96/0xd0 drivers/misc/vmw_vmci/vmci_queue_pair.c:1940\\n vmci_host_do_alloc_queuepair drivers/misc/vmw_vmci/vmci_host.c:488\\n vmci_host_unlocked_ioctl+0x24fd/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:927\\n ...\\n\\n Local variable ev created at:\\n qp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456\\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\\n\\n Bytes 28-31 of 48 are uninitialized\\n Memory access of size 48 starts at ffff888035155e00\\n Data copied to user address 0000000020000100\\n\\nUse memset() to prevent the infoleaks.\\n\\nAlso speculatively fix qp_notify_peer_local(), which may suffer from the\\nsame problem.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc/vmw_vmci: se corrige una fuga de informaci\u00f3n en vmci_host_do_receive_datagram() `struct vmci_event_qp` asignado por qp_notify_peer() que contiene relleno, que puede llevar datos no inicializados al espacio de usuario, como lo observ\u00f3 KMSAN: ERROR: KMSAN: fuga de informaci\u00f3n del kernel en instrument_copy_to_user ./include/linux/instrumented.h:121 instrument_copy_to_user ./include/linux/instrumented.h:121 _copy_to_user+0x5f/0xb0 lib/usercopy.c:33 copy_to_user ./include/linux/uaccess.h:169 vmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431 vmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925 vfs_ioctl fs/ioctl.c:51 ... Uninit se almacen\u00f3 en la memoria en: kmemdup+0x74/0xb0 mm/util.c:131 dg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271 vmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339 qp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479 qp_broker_attach controladores/misc/vmw_vmci/vmci_queue_pair.c:1662 qp_broker_alloc+0x2977/0x2f30 controladores/misc/vmw_vmci/vmci_queue_pair.c:1750 vmci_qp_broker_alloc+0x96/0xd0 controladores/misc/vmw_vmci/vmci_queue_pair.c:1940 vmci_host_do_alloc_queuepair controladores/misc/vmw_vmci/vmci_host.c:488 vmci_host_unlocked_ioctl+0x24fd/0x43d0 controladores/misc/vmw_vmci/vmci_host.c:927 ... Variable local ev creada en: qp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456 qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662 qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750 Bytes 28-31 de 48 sin inicializar. El acceso a memoria de tama\u00f1o 48 comienza en ffff888035155e00. Datos copiados a la direcci\u00f3n de usuario 0000000020000100. Use memset() para evitar las filtraciones de informaci\u00f3n. Tambi\u00e9n se especula que se debe corregir qp_notify_peer_local(), que podr\u00eda presentar el mismo problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9\",\"versionEndExcluding\":\"4.9.334\",\"matchCriteriaId\":\"CB7523BD-D391-4043-A440-11CB0A08ABC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.300\",\"matchCriteriaId\":\"424802D2-E9E7-48A9-AD6F-DF2227B3D83A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.267\",\"matchCriteriaId\":\"A5C69A12-68E2-400E-9A5A-375A673C8402\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.225\",\"matchCriteriaId\":\"94D21814-3051-4860-AB06-C7880A3D4933\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.156\",\"matchCriteriaId\":\"E2152F3D-E6D3-405D-B0BE-911B8B6E2EE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.80\",\"matchCriteriaId\":\"51BBEF3B-79F5-4D4C-ADBA-F34DA0E2465C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.0.10\",\"matchCriteriaId\":\"64F9ADD1-3ADB-4D66-A00F-4A83010B05F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7E331DA-1FB0-4DEC-91AC-7DA69D461C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F0B248-42CF-4AE6-A469-BB1BAE7F4705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2422816-0C14-4B5E-A1E6-A9D776E5C49B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"35B26BE4-43A6-4A36-A7F6-5B3F572D9186\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/5a275528025ae4bc7e2232866856dfebf84b2fad\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/62634b43d3c4e1bf62fd540196f7081bf0885c0a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/76c50d77b928a33e5290aaa9fdc10e88254ff8c7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7ccf7229b96fadc3a185d1391f814a604c7ef609\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8e2f33c598370bcf828bab4d667d1d38bcd3c57d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e5b0d06d9b10f5f43101bd6598b076c347f9295f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e7061dd1fef2dfb6458cd521aef27aa66f510d31\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f04586c2315cfd03d72ad0395705435e7ed07b1a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
WID-SEC-W-2025-1905
Vulnerability from csaf_certbund - Published: 2025-08-25 22:00 - Updated: 2026-03-04 23:00Summary
IBM QRadar SIEM Komponente: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM Komponenten ausnutzen, um Daten zu manipulieren, um einen Denial of Service Angriff durchzuführen, um beliebigen Programmcode auszuführen, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— |
References
8 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM Komponenten ausnutzen, um Daten zu manipulieren, um einen Denial of Service Angriff durchzuf\u00fchren, um beliebigen Programmcode auszuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1905 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1905.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1905 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1905"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243011 vom 2025-08-25",
"url": "https://www.ibm.com/support/pages/node/7243011"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14746 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14746"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14748 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14748"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17161 vom 2025-10-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-17161.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22910 vom 2026-01-29",
"url": "https://linux.oracle.com/errata/ELSA-2025-22910.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1581 vom 2026-03-04",
"url": "https://linux.oracle.com/errata/ELSA-2026-1581.html"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM Komponente: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-04T23:00:00.000+00:00",
"generator": {
"date": "2026-03-05T09:20:05.962+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-1905",
"initial_release_date": "2025-08-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-20T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-01-29T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-04T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP13 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP13 IF01",
"product_id": "T046492"
}
},
{
"category": "product_version",
"name": "7.5.0 UP13 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP13 IF01",
"product_id": "T046492-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up13_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17543",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2019-17543"
},
{
"cve": "CVE-2019-5427",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2019-5427"
},
{
"cve": "CVE-2020-5260",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2020-5260"
},
{
"cve": "CVE-2022-49058",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49058"
},
{
"cve": "CVE-2022-49111",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49111"
},
{
"cve": "CVE-2022-49136",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49136"
},
{
"cve": "CVE-2022-49788",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49788"
},
{
"cve": "CVE-2022-49846",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49846"
},
{
"cve": "CVE-2022-49977",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49977"
},
{
"cve": "CVE-2022-50020",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-50020"
},
{
"cve": "CVE-2024-23337",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-23337"
},
{
"cve": "CVE-2024-28956",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-34397",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-43420",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-43420"
},
{
"cve": "CVE-2024-45332",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-45332"
},
{
"cve": "CVE-2024-50154",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50349",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-50349"
},
{
"cve": "CVE-2024-52006",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-52006"
},
{
"cve": "CVE-2024-52533",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-52533"
},
{
"cve": "CVE-2024-53920",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-53920"
},
{
"cve": "CVE-2024-54661",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-54661"
},
{
"cve": "CVE-2024-57980",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-58002",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-6531",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-6531"
},
{
"cve": "CVE-2025-20012",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-20012"
},
{
"cve": "CVE-2025-20623",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-20623"
},
{
"cve": "CVE-2025-21905",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21919",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21928",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21991",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-22004",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-22004"
},
{
"cve": "CVE-2025-22020",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-22020"
},
{
"cve": "CVE-2025-23150",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-24495",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-24495"
},
{
"cve": "CVE-2025-27613",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-27613"
},
{
"cve": "CVE-2025-27614",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-27614"
},
{
"cve": "CVE-2025-32415",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-37738",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37890",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-38052",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38052"
},
{
"cve": "CVE-2025-38079",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38086",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38086"
},
{
"cve": "CVE-2025-4373",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-46835",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-46835"
},
{
"cve": "CVE-2025-47273",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-47273"
},
{
"cve": "CVE-2025-48060",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48060"
},
{
"cve": "CVE-2025-48384",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48384"
},
{
"cve": "CVE-2025-48385",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48385"
},
{
"cve": "CVE-2025-49794",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49796",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-52434",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-52434"
},
{
"cve": "CVE-2025-52520",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-52520"
},
{
"cve": "CVE-2025-53506",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-53506"
},
{
"cve": "CVE-2025-55668",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-55668"
},
{
"cve": "CVE-2025-6021",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7425",
"product_status": {
"known_affected": [
"67646",
"T046492",
"T004914"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-7425"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…