-

CVE-2025-39823

EPSS 0.03%
Veröffentlicht 16.09.2025 13:00:22
Zuletzt bearbeitet 17.09.2025 14:18:55
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: use array_index_nospec with indices that come from guest

min and dest_id are guest-controlled indices. Using array_index_nospec()
after the bounds checks clamps these values to mitigate speculative execution
side-channels.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 72777fc31aa7ab2ce00f44bfa3929c6eabbeaf48

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

Version < 31a0ad2f60cb4816e06218b63e695eb72ce74974

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

Version < d51e381beed5e2f50f85f49f6c90e023754efa12

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

Version < 33e974c2d5a82b2f9d9ba0ad9cbaabc1c8e3985f

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

Version < f49161646e03d107ce81a99c6ca5da682fe5fb69

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

Version < 67a05679621b7f721bdba37a5d18665d3aceb695

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

Version < f57a4bd8d6cb5af05b8ac1be9098e249034639fb

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

Version < c87bd4dd43a624109c3cc42d843138378a7f4548

Version 4180bf1b655a791a0a6ef93a2ffffc762722c782

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.19

Status affected

Version < 4.19

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.298

Status unaffected

Version <= 5.10.*

Version 5.10.242

Status unaffected

Version <= 5.15.*

Version 5.15.191

Status unaffected

Version <= 6.1.*

Version 6.1.150

Status unaffected

Version <= 6.6.*

Version 6.6.104

Status unaffected

Version <= 6.12.*

Version 6.12.45

Status unaffected

Version <= 6.16.*

Version 6.16.5

Status unaffected

Version <= *

Version 6.17-rc4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.074

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/72777fc31aa7ab2ce00f44bfa3929c6eabbeaf48

https://git.kernel.org/stable/c/31a0ad2f60cb4816e06218b63e695eb72ce74974

https://git.kernel.org/stable/c/d51e381beed5e2f50f85f49f6c90e023754efa12

https://git.kernel.org/stable/c/33e974c2d5a82b2f9d9ba0ad9cbaabc1c8e3985f

https://git.kernel.org/stable/c/f49161646e03d107ce81a99c6ca5da682fe5fb69

https://git.kernel.org/stable/c/67a05679621b7f721bdba37a5d18665d3aceb695

https://git.kernel.org/stable/c/f57a4bd8d6cb5af05b8ac1be9098e249034639fb

https://git.kernel.org/stable/c/c87bd4dd43a624109c3cc42d843138378a7f4548

https://nvd.nist.gov/vuln/detail/CVE-2025-39823

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39823

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39823

EUVD