-

CVE-2025-38460

EPSS 0.04%
Veröffentlicht 25.07.2025 16:15:31
Zuletzt bearbeitet 29.07.2025 14:14:55
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

atm: clip: Fix potential null-ptr-deref in to_atmarpd().

atmarpd is protected by RTNL since commit f3a0592b37b8 ("[ATM]: clip
causes unregister hang").

However, it is not enough because to_atmarpd() is called without RTNL,
especially clip_neigh_solicit() / neigh_ops->solicit() is unsleepable.

Also, there is no RTNL dependency around atmarpd.

Let's use a private mutex and RCU to protect access to atmarpd in
to_atmarpd().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < a4c5785feb979cd996a99cfaad8bf353b2e79301

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 70eac9ba7ce25d99c1d99bbf4ddb058940f631f9

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 3251ce3979f41bd228f77a7615f9dd616d06a110

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < ee4d9e4ddf3f9c4ee2ec0a3aad6196ee36d30e57

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 06935c50cfa3ac57cce80bba67b6d38ec1406e92

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 36caab990b69ef4eec1d81c52a19f080b7daa059

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < f58e4270c73e7f086322978d585ea67c8076ce49

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 706cc36477139c1616a9b2b96610a8bb520b7119

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.12

Status affected

Version < 2.6.12

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.296

Status unaffected

Version <= 5.10.*

Version 5.10.240

Status unaffected

Version <= 5.15.*

Version 5.15.189

Status unaffected

Version <= 6.1.*

Version 6.1.146

Status unaffected

Version <= 6.6.*

Version 6.6.99

Status unaffected

Version <= 6.12.*

Version 6.12.39

Status unaffected

Version <= 6.15.*

Version 6.15.7

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/06935c50cfa3ac57cce80bba67b6d38ec1406e92

https://git.kernel.org/stable/c/3251ce3979f41bd228f77a7615f9dd616d06a110

https://git.kernel.org/stable/c/36caab990b69ef4eec1d81c52a19f080b7daa059

https://git.kernel.org/stable/c/706cc36477139c1616a9b2b96610a8bb520b7119

https://git.kernel.org/stable/c/70eac9ba7ce25d99c1d99bbf4ddb058940f631f9

https://git.kernel.org/stable/c/a4c5785feb979cd996a99cfaad8bf353b2e79301

https://git.kernel.org/stable/c/ee4d9e4ddf3f9c4ee2ec0a3aad6196ee36d30e57

https://git.kernel.org/stable/c/f58e4270c73e7f086322978d585ea67c8076ce49

https://nvd.nist.gov/vuln/detail/CVE-2025-38460

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38460

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38460

EUVD