CNNVD-202510-3876 Information

CNNVD ID

CNNVD-202510-3876

Related CVE

CVE-2025-40044

• CNNVD Published: 2025-10-28

Description (Chinese)

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于未验证lengthAllocDescs参数，可能导致越界读取和释放后重用。

Description (English)

Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. Linux Kernel had a security loophole, which originated from unverified Length AllocDescs parameters and could lead to cross-border readouts and re-use after release.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Linux

Published

2025-10-28

Last Modified

2026-02-24

References

https://git.kernel.org/stable/c/3bd5e45c2ce30e239d596becd5db720f7eb83c99 https://git.kernel.org/stable/c/459404f858213967ccfff336c41747d8dd186d38 https://git.kernel.org/stable/c/1d1847812a1a5375c10a2a779338df643f79c047 https://git.kernel.org/stable/c/a70dcfa8d0a0cc530a6af59483dfca260b652c1b https://git.kernel.org/stable/c/b57f2d7d3e6bb89ed82330c5fe106cdfa34d3e24 https://git.kernel.org/stable/c/918649364fbca7d5df72522ca795479edcd25f91 https://vigilance.fr/vulnerability/Linux-kernel-multiple-vulnerabilities-dated-28-10-2025-48601

Patch

https://www.kernel.org/