发布时间: 2025年7月18日
修改时间: 2025年7月18日
A vulnerability has been found in Linux Kernel up to 6.15.2 (Operating System) and classified as critical.The CWE definition for the vulnerability is CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.94, 6.12.34, 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch 44ebe361abb322d2afd77930fa767a99f271c4d1/147ea936fc6fa8fe0c93f0df918803a5375ca535/ee90be48edb3dac612e0b7f5332482a9e8be2696/e167414beabb1e941fe563a96becc98627d5bdf6/6d8f39875a10a194051c3eaefebc7ac06a34aaf3/c98cdf6795a36bca163ebb40411fef1687b9eb13/18e8cbbae79cb35bdce8a01c889827b9799c762e/3880cdbed1c4607e378f58fa924c5d6df900d1d3 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | |
| Attack Vector | Local | |
| CVSS评分 | N/A | 7.0 |
| Attack Complexity | High | |
| Privileges Required | Low | |
| Scope | Unchanged | |
| Integrity | High | |
| User Interaction | None | |
| Availability | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2025-2780 | kernel security update | 2025年7月25日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-5A | kernel | Fixed |
| V6 | kernel | Fixed |
