Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-21671

Опубликовано: 31 янв. 2025
Источник: redhat
CVSS3: 6.7

Описание

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Which will potentially cause zram_meta_free to access the table if user reset an failed and uninitialized device.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelAffected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelOut of support scope
Red Hat Enterprise Linux 8kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernelAffected
Red Hat Enterprise Linux 9kernel-rtAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2343172kernel: zram: fix potential UAF of zram table

6.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-21671

CVSS3: 7.8
ubuntu
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Which will potentially cause zram_meta_free to access the table if user reset an failed and uninitialized device.

nvd логотип

CVE-2025-21671

CVSS3: 7.8
nvd
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Which will potentially cause zram_meta_free to access the table if user reset an failed and uninitialized device.

debian логотип

CVE-2025-21671

CVSS3: 7.8
debian
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: z ...

github логотип

GHSA-7792-f3h4-qxjq

CVSS3: 7.8
github
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Which will potentially cause zram_meta_free to access the table if user reset an failed and uninitialized device.

fstec логотип

BDU:2025-01394

CVSS3: 7.8
fstec
5 месяцев назад

Уязвимость функции zram_meta_alloc() модуля zram операционных систем Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.

6.7 Medium

CVSS3