发布时间: 2025年8月22日
修改时间: 2025年8月22日
A vulnerability classified as critical has been found in Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.7 (Operating System).CWE is classifying the issue as CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.This is going to have an impact on confidentiality, integrity, and availability.Upgrading to version 6.1.147, 6.6.100, 6.12.40 or 6.15.8 eliminates this vulnerability. Applying the patch 466e10194ab81caa2ee6a332d33ba16bcceeeba6/fbe48f06e64134dfeafa89ad23387f66ebca3527/a6d735100f602c830c16d69fb6d780eebd8c9ae1/c000a3a330d97f6c073ace5aa5faf94b9adb4b79/5e28d5a3f774f118896aec17a3a20a9c5c9dfc64 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | |
| Attack Vector | Local | |
| CVSS评分 | N/A | 7.3 |
| Attack Complexity | Low | |
| Privileges Required | Low | |
| Scope | Unchanged | |
| Integrity | Low | |
| User Interaction | None | |
| Availability | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2025-2883 | kernel security update | 2025年8月27日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-5A | kernel | Fixed |
