CNNVD-202512-2994 Information

CNNVD ID

CNNVD-202512-2994

Related CVE

CVE-2025-40349

• CNNVD Published: 2025-12-16

Description (Chinese)

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于hfsplus_bmap_alloc中未验证记录偏移量，可能导致越界读取。

Description (English)

Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. There is a security loophole in Linux Kernel, which originates from unverified log deviations in hfsplus bmap alloc, which may lead to cross-border reading.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Linux

Published

2025-12-16

Last Modified

2026-02-24

References

https://git.kernel.org/stable/c/0058d20d76182861dbdd8fd6e2dd8d18d6d3becf https://git.kernel.org/stable/c/068a46df3e6acc68fb9db0a6313ab379a11ecd6f https://git.kernel.org/stable/c/17ed51cfce6c62cffb97059ef392ad2e0245806e https://git.kernel.org/stable/c/40dfe7a4215a1f20842561ffaf5a6f83a987e75b https://git.kernel.org/stable/c/418e48cab99c52c1760636a4dbe464bf6db2018b https://git.kernel.org/stable/c/4f40a2b3969daf10dca4dea6f6dd0e813f79b227 https://git.kernel.org/stable/c/738d5a51864ed8d7a68600b8c0c63fe6fe5c4f20 https://git.kernel.org/stable/c/f7d9f600c7c3ff5dab36181a388af55f2c95604c

Patch

https://www.kernel.org/