csaf_certbund - wid-sec-w-2025-0732

WID-SEC-W-2025-0732

Vulnerability from csaf_certbund - Published: 2025-04-07 22:00 - Updated: 2025-06-16 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder nicht spezifizierte Angriffe durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder nicht spezifizierte Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0732 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0732.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0732 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0732"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22008",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040841-CVE-2025-22008-af1a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22009",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040842-CVE-2025-22009-2b2b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22010",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040843-CVE-2025-22010-82d7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22011",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040843-CVE-2025-22011-9e83@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22012",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040843-CVE-2025-22012-e03f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22013",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040843-CVE-2025-22013-c885@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22014",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040843-CVE-2025-22014-9c4f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22015",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040843-CVE-2025-22015-3408@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22016",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040844-CVE-2025-22016-ac9d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-22017",
        "url": "https://lore.kernel.org/linux-cve-announce/2025040844-CVE-2025-22017-a66e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5900 vom 2025-04-12",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00062.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01600-1 vom 2025-05-20",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020854.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01614-1 vom 2025-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020870.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01707-1 vom 2025-05-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020902.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4178 vom 2025-05-26",
        "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20344-1 vom 2025-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020964.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4193 vom 2025-05-30",
        "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20343-1 vom 2025-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020965.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20355-1 vom 2025-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021015.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20354-1 vom 2025-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021016.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20283-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021049.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20270-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021056.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20206-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021137.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20192-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021150.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01919-1 vom 2025-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01951-1 vom 2025-06-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021509.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01964-1 vom 2025-06-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021531.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01967-1 vom 2025-06-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-06-16T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-17T06:21:07.998+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0732",
      "initial_release_date": "2025-04-07T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-04-07T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-04-13T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-05-20T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-05-21T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-05-26T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE und Debian aufgenommen"
        },
        {
          "date": "2025-05-29T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE und Debian aufgenommen"
        },
        {
          "date": "2025-06-02T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-03T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-11T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-15T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-16T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "11"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T042485",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-22008",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22008"
    },
    {
      "cve": "CVE-2025-22009",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22009"
    },
    {
      "cve": "CVE-2025-22010",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22010"
    },
    {
      "cve": "CVE-2025-22011",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22011"
    },
    {
      "cve": "CVE-2025-22012",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22012"
    },
    {
      "cve": "CVE-2025-22013",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22013"
    },
    {
      "cve": "CVE-2025-22014",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22014"
    },
    {
      "cve": "CVE-2025-22015",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22015"
    },
    {
      "cve": "CVE-2025-22016",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22016"
    },
    {
      "cve": "CVE-2025-22017",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T042485"
        ]
      },
      "release_date": "2025-04-07T22:00:00.000+00:00",
      "title": "CVE-2025-22017"
    }
  ]
}

CVE-2025-22015 (GCVE-0-2025-22015)

Vulnerability from cvelistv5 – Published: 2025-04-08 08:18 – Updated: 2025-11-03 19:41

Title

mm/migrate: fix shmem xarray update during migration

Summary

In the Linux kernel, the following vulnerability has been resolved: mm/migrate: fix shmem xarray update during migration A shmem folio can be either in page cache or in swap cache, but not at the same time. Namely, once it is in swap cache, folio->mapping should be NULL, and the folio is no longer in a shmem mapping. In __folio_migrate_mapping(), to determine the number of xarray entries to update, folio_test_swapbacked() is used, but that conflates shmem in page cache case and shmem in swap cache case. It leads to xarray multi-index entry corruption, since it turns a sibling entry to a normal entry during xas_store() (see [1] for a userspace reproduction). Fix it by only using folio_test_swapcache() to determine whether xarray is storing swap cache entries or not to choose the right number of xarray entries to update. [1] https://lore.kernel.org/linux-mm/Z8idPCkaJW1IChjT@casper.infradead.org/ Note: In __split_huge_page(), folio_test_anon() && folio_test_swapcache() is used to get swap_cache address space, but that ignores the shmem folio in swap cache case. It could lead to NULL pointer dereferencing when a in-swap-cache shmem folio is split at __xa_store(), since !folio_test_anon() is true and folio->mapping is NULL. But fortunately, its caller split_huge_page_to_list_to_order() bails out early with EBUSY when folio->mapping is NULL. So no need to take care of it here.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/49100c0b070e900f8…
	https://git.kernel.org/stable/c/29124ae980e2860f0…
	https://git.kernel.org/stable/c/c057ee03f751d6cec…
	https://git.kernel.org/stable/c/75cfb92eb63298d71…
	https://git.kernel.org/stable/c/60cf233b585cdf1f3…

Impacted products

Vendor

Product

Version

Action not permitted

WID-SEC-W-2025-0732

CVE-2025-22015 (GCVE-0-2025-22015)

CVE-2025-22014 (GCVE-0-2025-22014)

CVE-2025-22011 (GCVE-0-2025-22011)

CVE-2025-22010 (GCVE-0-2025-22010)

CVE-2025-22017 (GCVE-0-2025-22017)

CVE-2025-22016 (GCVE-0-2025-22016)

CVE-2025-22008 (GCVE-0-2025-22008)

CVE-2025-22013 (GCVE-0-2025-22013)

CVE-2025-22009 (GCVE-0-2025-22009)

CVE-2025-22012 (GCVE-0-2025-22012)

Tags

Sightings

Nomenclature