CVE-2025-39678

Опубликовано: 05 сент. 2025

Источник: redhat

CVSS3: 5.5

Описание

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL If metric table address is not allocated, accessing metrics_bin will result in a NULL pointer dereference, so add a check.

A flaw was found in the AMD HSMP driver in the Linux kernel. A NULL pointer dereference can be triggered due to a missing check when the metric address table is not allocated, resulting in a denial of service.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Fix deferred
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel-rt	Out of support scope
Red Hat Enterprise Linux 8	kernel	Out of support scope
Red Hat Enterprise Linux 8	kernel-rt	Out of support scope
Red Hat Enterprise Linux 9	kernel	Fix deferred
Red Hat Enterprise Linux 9	kernel-rt	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2393497kernel: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2025-39678

CVSS3: 5.5

ubuntu

4 месяца назад

CVE-2025-39678

CVSS3: 5.5

nvd

4 месяца назад

CVE-2025-39678

CVSS3: 5.5

debian

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: p ...

GHSA-w398-9wvh-qwc8

CVSS3: 5.5

github

4 месяца назад

SUSE-SU-2025:3725-1

suse-cvrf

2 месяца назад

Security update for the Linux Kernel

5.5 Medium

CVSS3