7.8

CVE-2025-38403

vsock/vmci: Clear the vmci transport packet properly when initializing it

In the Linux kernel, the following vulnerability has been resolved:

vsock/vmci: Clear the vmci transport packet properly when initializing it

In vmci_transport_packet_init memset the vmci_transport_packet before
populating the fields to avoid any uninitialised data being left in the
structure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.9 < 5.4.296
LinuxLinux Kernel Version >= 5.5 < 5.10.240
LinuxLinux Kernel Version >= 5.11 < 5.15.187
LinuxLinux Kernel Version >= 5.16 < 6.1.144
LinuxLinux Kernel Version >= 6.2 < 6.6.97
LinuxLinux Kernel Version >= 6.7 < 6.12.37
LinuxLinux Kernel Version >= 6.13 < 6.15.6
LinuxLinux Kernel Version6.16 Updaterc1
LinuxLinux Kernel Version6.16 Updaterc2
LinuxLinux Kernel Version6.16 Updaterc3
LinuxLinux Kernel Version6.16 Updaterc4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.078
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0a01021317375b8d1895152f544421ce49299eb1
Patch
https://git.kernel.org/stable/c/19c2cc01ff9a8031398a802676ffb0f4692dd95d
Patch
https://git.kernel.org/stable/c/1c1bcb0e78230f533b4103e8cf271d17c3f469f0
Patch
https://git.kernel.org/stable/c/223e2288f4b8c262a864e2c03964ffac91744cd5
Patch
https://git.kernel.org/stable/c/2d44723a091bc853272e1a51a488a3d22b80be5e
Patch
https://git.kernel.org/stable/c/75705b44e0b9aaa74f4c163d93d388bcba9e386a
Patch
https://git.kernel.org/stable/c/94d0c326cb3ee6b0f8bd00e209550b93fcc5c839
Patch
https://git.kernel.org/stable/c/e9a673153d578fd439919a24e99851b2f87ecbce
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory