CVE-2025-39867

Опубликовано: 23 сент. 2025

Источник: redhat

CVSS3: 5.5

Описание

No description is available for this CVE.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected
Red Hat Enterprise Linux 9	kernel-rt	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2397555kernel: netfilter: nft_set_pipapo: fix null deref for empty set

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2025-39867

ubuntu

3 месяца назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-39867

nvd

3 месяца назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-39867

msrc

3 месяца назад

netfilter: nft_set_pipapo: fix null deref for empty set

GHSA-945m-m359-mmj7

github

3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: fix null deref for empty set Blamed commit broke the check for a null scratch map: - if (unlikely(!m || !*raw_cpu_ptr(m->scratch))) + if (unlikely(!raw_cpu_ptr(m->scratch))) This should have been "if (!*raw_ ...)". Use the pattern of the avx2 version which is more readable. This can only be reproduced if avx2 support isn't available.

BDU:2025-13889

CVSS3: 5.5

fstec

5 месяцев назад

Уязвимость функции nft_set_pipapo() модуля net/netfilter/nft_set_pipapo.c ядра оперционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

5.5 Medium

CVSS3