Vulnerability-Lookup

CVE-2025-71110 (GCVE-0-2025-71110)

Vulnerability from cvelistv5 – Published: 2026-01-14 15:05 – Updated: 2026-02-09 08:35

Title

mm/slub: reset KASAN tag in defer_free() before accessing freed memory

Summary

In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in defer_free() before accessing freed memory When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free() before defer_free(). On ARM64 with MTE (Memory Tagging Extension), kasan_slab_free() poisons the memory and changes the tag from the original (e.g., 0xf3) to a poison tag (0xfe). When defer_free() then tries to write to the freed object to build the deferred free list via llist_add(), the pointer still has the old tag, causing a tag mismatch and triggering a KASAN use-after-free report: BUG: KASAN: slab-use-after-free in defer_free+0x3c/0xbc mm/slub.c:6537 Write at addr f3f000000854f020 by task kworker/u8:6/983 Pointer tag: [f3], memory tag: [fe] Fix this by calling kasan_reset_tag() before accessing the freed memory. This is safe because defer_free() is part of the allocator itself and is expected to manipulate freed memory for bookkeeping purposes.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

WID-SEC-W-2026-0119

Vulnerability from csaf_certbund - Published: 2026-01-14 23:00 - Updated: 2026-03-25 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.

Betroffene Betriebssysteme: - Linux

CVE-2025-71102

CVE-2025-71103

CVE-2025-71104

CVE-2025-71105

CVE-2025-71106

CVE-2025-71107

CVE-2025-71108

CVE-2025-71109

CVE-2025-71110

CVE-2025-71111

CVE-2025-71112

CVE-2025-71113

CVE-2025-71114

CVE-2025-71115

CVE-2025-71116

CVE-2025-71117

CVE-2025-71118

CVE-2025-71119

CVE-2025-71120

CVE-2025-71121

CVE-2025-71122

CVE-2025-71123

CVE-2025-71124

CVE-2025-71125

CVE-2025-71126

CVE-2025-71127

CVE-2025-71128

CVE-2025-71129

CVE-2025-71130

CVE-2025-71131

CVE-2025-71132

CVE-2025-71133

CVE-2025-71134

CVE-2025-71135

CVE-2025-71136

CVE-2025-71137

CVE-2025-71138

CVE-2025-71139

CVE-2025-71140

CVE-2025-71141

CVE-2025-71142

CVE-2025-71143

CVE-2025-71144

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://lore.kernel.org/linux-cve-announce/	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lore.kernel.org/linux-cve-announce/202601…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.debian.org/debian-security-announce…	external
	https://lists.debian.org/debian-security-announce…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.debian.org/debian-lts-announce/2026…	external
	https://lists.debian.org/debian-lts-announce/2026…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://linux.oracle.com/errata/ELSA-2026-50112.html	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.opensuse.org/archives/list/security…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://linux.oracle.com/errata/ELSA-2026-50144.html	external
	https://linux.oracle.com/errata/ELSA-2026-50145.html	external
	https://lists.debian.org/debian-security-announce…	external
	https://lists.debian.org/debian-lts-announce/2026…	external
	https://ubuntu.com/security/notices/USN-8096-2	external
	https://ubuntu.com/security/notices/USN-8094-1	external
	https://ubuntu.com/security/notices/USN-8096-1	external
	https://ubuntu.com/security/notices/USN-8096-4	external
	https://ubuntu.com/security/notices/USN-8096-3	external
	https://ubuntu.com/security/notices/USN-8094-2	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://ubuntu.com/security/notices/USN-8116-1	external
	https://ubuntu.com/security/notices/USN-8094-3	external
	https://ubuntu.com/security/notices/USN-8096-5	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://ubuntu.com/security/notices/USN-8094-4	external
	https://lists.suse.com/pipermail/sle-security-upd…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0119 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0119.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0119 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0119"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71102",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011407-CVE-2025-71102-f4be@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71103",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011410-CVE-2025-71103-f516@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71104",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011410-CVE-2025-71104-6882@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71105",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011410-CVE-2025-71105-2fbe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71106",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011411-CVE-2025-71106-731c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71107",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011411-CVE-2025-71107-01b5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71108",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011411-CVE-2025-71108-2969@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71109",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011412-CVE-2025-71109-f2d9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71110",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011412-CVE-2025-71110-c354@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71111",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011412-CVE-2025-71111-1547@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71112",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011413-CVE-2025-71112-ca37@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71113",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011413-CVE-2025-71113-a5ec@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71114",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011413-CVE-2025-71114-2866@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71115",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011414-CVE-2025-71115-7c28@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71116",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011414-CVE-2025-71116-e57d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71117",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011414-CVE-2025-71117-0e3e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71118",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011415-CVE-2025-71118-1a69@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71119",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011415-CVE-2025-71119-287a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71120",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011415-CVE-2025-71120-d0a6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71121",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011416-CVE-2025-71121-bf23@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71122",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011416-CVE-2025-71122-1921@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71123",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011416-CVE-2025-71123-221d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71124",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011417-CVE-2025-71124-5da0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71125",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011417-CVE-2025-71125-8435@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71126",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011418-CVE-2025-71126-8538@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71127",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011450-CVE-2025-71127-29a7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71128",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011451-CVE-2025-71128-3c25@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71129",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011451-CVE-2025-71129-a6d5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71130",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011451-CVE-2025-71130-5a08@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71131",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011452-CVE-2025-71131-c844@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71132",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011452-CVE-2025-71132-b03b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71133",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011453-CVE-2025-71133-6435@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71134",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011453-CVE-2025-71134-0136@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71135",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011453-CVE-2025-71135-9522@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71136",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011454-CVE-2025-71136-0f59@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71137",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011454-CVE-2025-71137-6471@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71138",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011454-CVE-2025-71138-d052@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71139",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011455-CVE-2025-71139-5d93@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71140",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011455-CVE-2025-71140-a6fe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71141",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011455-CVE-2025-71141-5d19@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71142",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011456-CVE-2025-71142-c3d0@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71143",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011456-CVE-2025-71143-5787@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71144",
        "url": "https://lore.kernel.org/linux-cve-announce/2026011459-CVE-2025-71144-8a18@gregkh/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0350-1 vom 2026-01-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/024000.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0369-1 vom 2026-02-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024037.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6126 vom 2026-02-09",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00035.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6127 vom 2026-02-10",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00036.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0411-1 vom 2026-02-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024085.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4476 vom 2026-02-11",
        "url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00017.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4475 vom 2026-02-11",
        "url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00016.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0447-1 vom 2026-02-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024124.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0474-1 vom 2026-02-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024140.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0471-1 vom 2026-02-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024142.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0473-1 vom 2026-02-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024136.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0472-1 vom 2026-02-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024141.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0475-1 vom 2026-02-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024139.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0496-1 vom 2026-02-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024158.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0495-1 vom 2026-02-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024159.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2026-113 vom 2026-02-19",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-113.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0587-1 vom 2026-02-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024356.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50112 vom 2026-02-23",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50112.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0617-1 vom 2026-02-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024378.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20477-1 vom 2026-02-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024409.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20479-1 vom 2026-02-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024407.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20520-1 vom 2026-02-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024455.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:20287-1 vom 2026-02-28",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K7KIWX7XP3UMVFSHT47OOZ24TQQYNNHI/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20498-1 vom 2026-02-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024476.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20570-1 vom 2026-03-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024574.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2026-098 vom 2026-03-06",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2026-098.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20555-1 vom 2026-03-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024590.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20599-1 vom 2026-03-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024614.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20615-1 vom 2026-03-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024605.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50144 vom 2026-03-11",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50144.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50145 vom 2026-03-12",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50145.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6163 vom 2026-03-13",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00071.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4499 vom 2026-03-13",
        "url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00003.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8096-2 vom 2026-03-17",
        "url": "https://ubuntu.com/security/notices/USN-8096-2"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8094-1 vom 2026-03-16",
        "url": "https://ubuntu.com/security/notices/USN-8094-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8096-1 vom 2026-03-17",
        "url": "https://ubuntu.com/security/notices/USN-8096-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8096-4 vom 2026-03-17",
        "url": "https://ubuntu.com/security/notices/USN-8096-4"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8096-3 vom 2026-03-17",
        "url": "https://ubuntu.com/security/notices/USN-8096-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8094-2 vom 2026-03-17",
        "url": "https://ubuntu.com/security/notices/USN-8094-2"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20711-1 vom 2026-03-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024715.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20667-1 vom 2026-03-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024746.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20720-1 vom 2026-03-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024766.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20713-1 vom 2026-03-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024771.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8116-1 vom 2026-03-23",
        "url": "https://ubuntu.com/security/notices/USN-8116-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8094-3 vom 2026-03-23",
        "url": "https://ubuntu.com/security/notices/USN-8094-3"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8096-5 vom 2026-03-23",
        "url": "https://ubuntu.com/security/notices/USN-8096-5"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0962-1 vom 2026-03-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024803.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20819-1 vom 2026-03-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024871.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20772-1 vom 2026-03-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024862.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20794-1 vom 2026-03-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024895.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-8094-4 vom 2026-03-25",
        "url": "https://ubuntu.com/security/notices/USN-8094-4"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1041-1 vom 2026-03-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024928.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-25T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-26T08:01:28.370+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0119",
      "initial_release_date": "2026-01-14T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-01-14T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-02-01T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-02-03T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-02-09T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian und SUSE aufgenommen"
        },
        {
          "date": "2026-02-12T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-02-15T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-02-18T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2026-02-22T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-02-24T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-02-26T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-03-01T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE und openSUSE aufgenommen"
        },
        {
          "date": "2026-03-05T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE und Amazon aufgenommen"
        },
        {
          "date": "2026-03-11T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2026-03-12T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2026-03-15T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2026-03-16T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2026-03-17T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2026-03-18T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-03-19T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-03-23T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
        },
        {
          "date": "2026-03-24T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-03-25T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "23"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T050017",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-71102",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71102"
    },
    {
      "cve": "CVE-2025-71103",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71103"
    },
    {
      "cve": "CVE-2025-71104",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71104"
    },
    {
      "cve": "CVE-2025-71105",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71105"
    },
    {
      "cve": "CVE-2025-71106",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71106"
    },
    {
      "cve": "CVE-2025-71107",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71107"
    },
    {
      "cve": "CVE-2025-71108",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71108"
    },
    {
      "cve": "CVE-2025-71109",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71109"
    },
    {
      "cve": "CVE-2025-71110",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71110"
    },
    {
      "cve": "CVE-2025-71111",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71111"
    },
    {
      "cve": "CVE-2025-71112",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71112"
    },
    {
      "cve": "CVE-2025-71113",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71113"
    },
    {
      "cve": "CVE-2025-71114",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71114"
    },
    {
      "cve": "CVE-2025-71115",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71115"
    },
    {
      "cve": "CVE-2025-71116",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71116"
    },
    {
      "cve": "CVE-2025-71117",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71117"
    },
    {
      "cve": "CVE-2025-71118",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71118"
    },
    {
      "cve": "CVE-2025-71119",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71119"
    },
    {
      "cve": "CVE-2025-71120",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71120"
    },
    {
      "cve": "CVE-2025-71121",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71121"
    },
    {
      "cve": "CVE-2025-71122",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71122"
    },
    {
      "cve": "CVE-2025-71123",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71123"
    },
    {
      "cve": "CVE-2025-71124",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71124"
    },
    {
      "cve": "CVE-2025-71125",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71125"
    },
    {
      "cve": "CVE-2025-71126",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71126"
    },
    {
      "cve": "CVE-2025-71127",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71127"
    },
    {
      "cve": "CVE-2025-71128",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71128"
    },
    {
      "cve": "CVE-2025-71129",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71129"
    },
    {
      "cve": "CVE-2025-71130",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71130"
    },
    {
      "cve": "CVE-2025-71131",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71131"
    },
    {
      "cve": "CVE-2025-71132",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71132"
    },
    {
      "cve": "CVE-2025-71133",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71133"
    },
    {
      "cve": "CVE-2025-71134",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71134"
    },
    {
      "cve": "CVE-2025-71135",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71135"
    },
    {
      "cve": "CVE-2025-71136",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71136"
    },
    {
      "cve": "CVE-2025-71137",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71137"
    },
    {
      "cve": "CVE-2025-71138",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71138"
    },
    {
      "cve": "CVE-2025-71139",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71139"
    },
    {
      "cve": "CVE-2025-71140",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71140"
    },
    {
      "cve": "CVE-2025-71141",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71141"
    },
    {
      "cve": "CVE-2025-71142",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71142"
    },
    {
      "cve": "CVE-2025-71143",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71143"
    },
    {
      "cve": "CVE-2025-71144",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T000126",
          "T027843",
          "398363",
          "T050017",
          "T004914"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-71144"
    }
  ]
}

GHSA-M8F2-RW7M-JRXF

Vulnerability from github – Published: 2026-01-14 15:33 – Updated: 2026-03-25 21:30

Details

In the Linux kernel, the following vulnerability has been resolved:

mm/slub: reset KASAN tag in defer_free() before accessing freed memory

When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free() before defer_free(). On ARM64 with MTE (Memory Tagging Extension), kasan_slab_free() poisons the memory and changes the tag from the original (e.g., 0xf3) to a poison tag (0xfe).

When defer_free() then tries to write to the freed object to build the deferred free list via llist_add(), the pointer still has the old tag, causing a tag mismatch and triggering a KASAN use-after-free report:

BUG: KASAN: slab-use-after-free in defer_free+0x3c/0xbc mm/slub.c:6537 Write at addr f3f000000854f020 by task kworker/u8:6/983 Pointer tag: [f3], memory tag: [fe]

Fix this by calling kasan_reset_tag() before accessing the freed memory. This is safe because defer_free() is part of the allocator itself and is expected to manipulate freed memory for bookkeeping purposes.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-71110"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-14T15:16:00Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: reset KASAN tag in defer_free() before accessing freed memory\n\nWhen CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free()\nbefore defer_free(). On ARM64 with MTE (Memory Tagging Extension),\nkasan_slab_free() poisons the memory and changes the tag from the\noriginal (e.g., 0xf3) to a poison tag (0xfe).\n\nWhen defer_free() then tries to write to the freed object to build the\ndeferred free list via llist_add(), the pointer still has the old tag,\ncausing a tag mismatch and triggering a KASAN use-after-free report:\n\n  BUG: KASAN: slab-use-after-free in defer_free+0x3c/0xbc mm/slub.c:6537\n  Write at addr f3f000000854f020 by task kworker/u8:6/983\n  Pointer tag: [f3], memory tag: [fe]\n\nFix this by calling kasan_reset_tag() before accessing the freed memory.\nThis is safe because defer_free() is part of the allocator itself and is\nexpected to manipulate freed memory for bookkeeping purposes.",
  "id": "GHSA-m8f2-rw7m-jrxf",
  "modified": "2026-03-25T21:30:22Z",
  "published": "2026-01-14T15:33:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71110"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/53ca00a19d345197a37a1bf552e8d1e7b091666c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/65d4e5af2a2e82f4fc50d8259aee208fbc6b2c1d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2025-71110

Vulnerability from fkie_nvd - Published: 2026-01-14 15:16 - Updated: 2026-03-25 19:27

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/53ca00a19d345197a37a1bf552e8d1e7b091666c	Patch
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/65d4e5af2a2e82f4fc50d8259aee208fbc6b2c1d	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	6.18
linux	linux_kernel	6.19
linux	linux_kernel	6.19
linux	linux_kernel	6.19
linux	linux_kernel	6.19
linux	linux_kernel	6.19
linux	linux_kernel	6.19
linux	linux_kernel	6.19
linux	linux_kernel	6.19

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3586EB6-087D-41EA-AD79-2AA54D44AAA1",
              "versionEndExcluding": "6.18.3",
              "versionStartIncluding": "6.18.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.18:-:*:*:*:*:*:*",
              "matchCriteriaId": "DCE57113-2223-4308-A0F2-5E6ECFBB3C23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "17B67AA7-40D6-4AFA-8459-F200F3D7CFD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "C47E4CC9-C826-4FA9-B014-7FE3D9B318B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "F71D92C0-C023-48BD-B3B6-70B638EEE298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "13580667-0A98-40CC-B29F-D12790B91BDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "3EF854A1-ABB1-4E93-BE9A-44569EC76C0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*",
              "matchCriteriaId": "EB5B7DFC-C36B-45D8-922C-877569FDDF43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: reset KASAN tag in defer_free() before accessing freed memory\n\nWhen CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free()\nbefore defer_free(). On ARM64 with MTE (Memory Tagging Extension),\nkasan_slab_free() poisons the memory and changes the tag from the\noriginal (e.g., 0xf3) to a poison tag (0xfe).\n\nWhen defer_free() then tries to write to the freed object to build the\ndeferred free list via llist_add(), the pointer still has the old tag,\ncausing a tag mismatch and triggering a KASAN use-after-free report:\n\n  BUG: KASAN: slab-use-after-free in defer_free+0x3c/0xbc mm/slub.c:6537\n  Write at addr f3f000000854f020 by task kworker/u8:6/983\n  Pointer tag: [f3], memory tag: [fe]\n\nFix this by calling kasan_reset_tag() before accessing the freed memory.\nThis is safe because defer_free() is part of the allocator itself and is\nexpected to manipulate freed memory for bookkeeping purposes."
    }
  ],
  "id": "CVE-2025-71110",
  "lastModified": "2026-03-25T19:27:53.777",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-01-14T15:16:00.080",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/53ca00a19d345197a37a1bf552e8d1e7b091666c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/65d4e5af2a2e82f4fc50d8259aee208fbc6b2c1d"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-71110 (GCVE-0-2025-71110)

WID-SEC-W-2026-0119

GHSA-M8F2-RW7M-JRXF

FKIE_CVE-2025-71110

Tags

Sightings

Nomenclature