Описание
[REJECTED CVE] A vulnerability was identified in the Linux kernel’s Xen subsystem, where the __init-annotated function xen_xlate_map_ballooned_pages() was incorrectly exported using EXPORT_SYMBOL, leading to the risk of kernel panics if modules accessed this freed function after system initialization. An attacker could potentially exploit this by loading a malicious module referencing the freed symbol, causing a system crash.
Отчет
This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2025022628-REJECTED-7e9e@gregkh/
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 9 | kernel | Fix deferred | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Fix deferred |
Показывать по
10
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2348273kernel: xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
5.5 Medium
CVSS3
Связанные уязвимости
nvd
12 месяцев назад
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5 Medium
CVSS3