CNNVD-202511-1428 Information
CNNVD ID
CNNVD-202511-1428
Related CVE
- CNNVD Published: 2025-11-12
Description (Chinese)
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于tls_strp_msg_hold失败后未等待异步解密完成,可能导致UAF攻击。
Description (English)
Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. There is a security loophole in Linux Kernel, which stems from the failure of the tls strp msg hold without waiting for the decryption to be completed, which could lead to a UAF attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Linux
Published
2025-11-12
Last Modified
2026-02-24
References
https://git.kernel.org/stable/c/4fc109d0ab196bd943b7451276690fb6bb48c2e0 https://git.kernel.org/stable/c/9f83fd0c179e0f458e824e417f9d5ad53443f685 https://git.kernel.org/stable/c/b8a6ff84abbcbbc445463de58704686011edc8e1 https://git.kernel.org/stable/c/c61d4368197d65c4809d9271f3b85325a600586a https://git.kernel.org/stable/c/39dec4ea3daf77f684308576baf483b55ca7f160 https://vigilance.fr/vulnerability/Linux-kernel-multiple-vulnerabilities-dated-12-11-2025-48734