目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2025-38345— Linux kernel 安全漏洞

AI 预测 5.3 利用难度: 中等 EPSS 0.16% · P6

影响版本矩阵 18

厂商产品版本范围状态
LinuxLinux773069d48030e670cf2032a13ddf16a2e0034df3< 4fa430a8bca708c7776f6b9d001257f48b19a5b7affected
773069d48030e670cf2032a13ddf16a2e0034df3< 1c0d9115a001979cb446ba5e8331dd1d29a10bbfaffected
773069d48030e670cf2032a13ddf16a2e0034df3< 5a68893b594ee6ce0efce5f74c07e64e9dd0c2c4affected
773069d48030e670cf2032a13ddf16a2e0034df3< 64c4bcf0308dd1d752ef31d560040b8725e29984affected
773069d48030e670cf2032a13ddf16a2e0034df3< 755a8006b76792922ff7b1c9674d8897a476b5d7affected
773069d48030e670cf2032a13ddf16a2e0034df3< 76d37168155880f2b04a0aad92ceb0f9d799950eaffected
773069d48030e670cf2032a13ddf16a2e0034df3< e0783910ca4368b01466bc8dcdcc13c3e0b7db53affected
773069d48030e670cf2032a13ddf16a2e0034df3< 156fd20a41e776bbf334bd5e45c4f78dfc90ce1caffected
… +10 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2025-38345 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
ACPICA: fix acpi operand cache leak in dswstate.c
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination occurs due to malicious ACPI table, Linux kernel terminates ACPI function and continues to boot process. While kernel terminates ACPI function, kmem_cache_destroy() reports Acpi-Operand cache leak. Boot log of ACPI operand cache leak is as follows: >[ 0.585957] ACPI: Added _OSI(Module Device) >[ 0.587218] ACPI: Added _OSI(Processor Device) >[ 0.588530] ACPI: Added _OSI(3.0 _SCP Extensions) >[ 0.589790] ACPI: Added _OSI(Processor Aggregator Device) >[ 0.591534] ACPI Error: Illegal I/O port address/length above 64K: C806E00000004002/0x2 (20170303/hwvalid-155) >[ 0.594351] ACPI Exception: AE_LIMIT, Unable to initialize fixed events (20170303/evevent-88) >[ 0.597858] ACPI: Unable to start the ACPI Interpreter >[ 0.599162] ACPI Error: Could not remove SCI handler (20170303/evmisc-281) >[ 0.601836] kmem_cache_destroy Acpi-Operand: Slab cache still has objects >[ 0.603556] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.12.0-rc5 #26 >[ 0.605159] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS virtual_box 12/01/2006 >[ 0.609177] Call Trace: >[ 0.610063] ? dump_stack+0x5c/0x81 >[ 0.611118] ? kmem_cache_destroy+0x1aa/0x1c0 >[ 0.612632] ? acpi_sleep_proc_init+0x27/0x27 >[ 0.613906] ? acpi_os_delete_cache+0xa/0x10 >[ 0.617986] ? acpi_ut_delete_caches+0x3f/0x7b >[ 0.619293] ? acpi_terminate+0xa/0x14 >[ 0.620394] ? acpi_init+0x2af/0x34f >[ 0.621616] ? __class_create+0x4c/0x80 >[ 0.623412] ? video_setup+0x7f/0x7f >[ 0.624585] ? acpi_sleep_proc_init+0x27/0x27 >[ 0.625861] ? do_one_initcall+0x4e/0x1a0 >[ 0.627513] ? kernel_init_freeable+0x19e/0x21f >[ 0.628972] ? rest_init+0x80/0x80 >[ 0.630043] ? kernel_init+0xa/0x100 >[ 0.631084] ? ret_from_fork+0x25/0x30 >[ 0.633343] vgaarb: loaded >[ 0.635036] EDAC MC: Ver: 3.0.0 >[ 0.638601] PCI: Probing PCI hardware >[ 0.639833] PCI host bridge to bus 0000:00 >[ 0.641031] pci_bus 0000:00: root bus resource [io 0x0000-0xffff] > ... Continue to boot and log is omitted ... I analyzed this memory leak in detail and found acpi_ds_obj_stack_pop_and_ delete() function miscalculated the top of the stack. acpi_ds_obj_stack_push() function uses walk_state->operand_index for start position of the top, but acpi_ds_obj_stack_pop_and_delete() function considers index 0 for it. Therefore, this causes acpi operand memory leak. This cache leak causes a security threat because an old kernel (<= 4.9) shows memory locations of kernel functions in stack dump. Some malicious users could use this information to neutralize kernel ASLR. I made a patch to fix ACPI operand cache leak.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于ACPICA在操作数缓存中存在内存泄漏。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 773069d48030e670cf2032a13ddf16a2e0034df3 ~ 4fa430a8bca708c7776f6b9d001257f48b19a5b7 -
LinuxLinux 2.6.26 -

二、漏洞 CVE-2025-38345 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-38345 的情报信息

登录查看更多情报信息。

CVE-2025-38345 补丁与修复 (1)

同批安全公告 · Linux · 2025-07-10 · 共 84 条

CVE-2025-38318Linux kernel 安全漏洞
CVE-2025-38327Linux kernel 安全漏洞
CVE-2025-38314Linux kernel 安全漏洞
CVE-2025-38316Linux kernel 安全漏洞
CVE-2025-38312Linux kernel 安全漏洞
CVE-2025-38310Linux kernel 安全漏洞
CVE-2025-38309Linux kernel 安全漏洞
CVE-2025-38308Linux kernel 安全漏洞
CVE-2025-38306Linux kernel 安全漏洞
CVE-2025-38311Linux kernel 安全漏洞
CVE-2025-38315Linux kernel 安全漏洞
CVE-2025-38317Linux kernel 安全漏洞
CVE-2025-38319Linux kernel 安全漏洞
CVE-2025-38320Linux kernel 安全漏洞
CVE-2025-38321Linux kernel 安全漏洞
CVE-2025-38322Linux kernel 安全漏洞
CVE-2025-38323Linux kernel 安全漏洞
CVE-2025-38324Linux kernel 安全漏洞
CVE-2025-38325Linux kernel 安全漏洞
CVE-2025-38326Linux kernel 安全漏洞

显示前 20 条,共 84 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2025-38345

暂无评论


发表评论