目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2025-40096— Linux kernel 安全漏洞

AI 预测 7.8 利用难度: 中等 EPSS 0.18% · P8

可能的 ATT&CK 技术 1AI

T1211 · Exploitation for Stealth

影响版本矩阵 12

厂商产品版本范围状态
LinuxLinux963d0b3569354230f6e2c36a286ef270a8901878< 4c38a63ae12ecc9370a7678077bde2d61aa80e9caffected
963d0b3569354230f6e2c36a286ef270a8901878< 57239762aa90ad768dac055021f27705dae73344affected
963d0b3569354230f6e2c36a286ef270a8901878< e5e3eb2aff92994ee81ce633f1c4e73bd4b87e11affected
963d0b3569354230f6e2c36a286ef270a8901878< fdfb47e85af1e11ec822c82739dde2dd8dff5115affected
963d0b3569354230f6e2c36a286ef270a8901878< 5801e65206b065b0b2af032f7f1eef222aa2fd83affected
5.16affected
< 5.16unaffected
6.1.158≤ 6.1.*unaffected
… +4 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2025-40096 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies When adding dependencies with drm_sched_job_add_dependency(), that function consumes the fence reference both on success and failure, so in the latter case the dma_fence_put() on the error path (xarray failed to expand) is a double free. Interestingly this bug appears to have been present ever since commit ebd5f74255b9 ("drm/sched: Add dependency tracking"), since the code back then looked like this: drm_sched_job_add_implicit_dependencies(): ... for (i = 0; i < fence_count; i++) { ret = drm_sched_job_add_dependency(job, fences[i]); if (ret) break; } for (; i < fence_count; i++) dma_fence_put(fences[i]); Which means for the failing 'i' the dma_fence_put was already a double free. Possibly there were no users at that time, or the test cases were insufficient to hit it. The bug was then only noticed and fixed after commit 9c2ba265352a ("drm/scheduler: use new iterator in drm_sched_job_add_implicit_dependencies v2") landed, with its fixup of commit 4eaf02d6076c ("drm/scheduler: fix drm_sched_job_add_implicit_dependencies"). At that point it was a slightly different flavour of a double free, which commit 963d0b356935 ("drm/scheduler: fix drm_sched_job_add_implicit_dependencies harder") noticed and attempted to fix. But it only moved the double free from happening inside the drm_sched_job_add_dependency(), when releasing the reference not yet obtained, to the caller, when releasing the reference already released by the former in the failure case. As such it is not easy to identify the right target for the fixes tag so lets keep it simple and just continue the chain. While fixing we also improve the comment and explain the reason for taking the reference and not dropping it.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于drm_sched_job_add_resv_dependencies函数中可能发生双重释放。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 963d0b3569354230f6e2c36a286ef270a8901878 ~ 4c38a63ae12ecc9370a7678077bde2d61aa80e9c -
LinuxLinux 5.16 -

二、漏洞 CVE-2025-40096 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-40096 的情报信息

登录查看更多情报信息。

CVE-2025-40096 补丁与修复 (1)

同批安全公告 · Linux · 2025-10-30 · 共 20 条

CVE-2025-40095Linux kernel 安全漏洞
CVE-2025-40105Linux kernel 安全漏洞
CVE-2025-40104Linux kernel 安全漏洞
CVE-2025-40103Linux kernel 安全漏洞
CVE-2025-40102Linux kernel 安全漏洞
CVE-2025-40100Linux kernel 安全漏洞
CVE-2025-40101Linux kernel 安全漏洞
CVE-2025-40099Linux kernel 安全漏洞
CVE-2025-40098Linux kernel 安全漏洞
CVE-2025-40097Linux kernel 安全漏洞
CVE-2025-40086Linux kernel 安全漏洞
CVE-2025-40094Linux kernel 安全漏洞
CVE-2025-40093Linux kernel 安全漏洞
CVE-2025-40092Linux kernel 安全漏洞
CVE-2025-40090Linux kernel 安全漏洞
CVE-2025-40091Linux kernel 安全漏洞
CVE-2025-40089Linux kernel 安全漏洞
CVE-2025-40088Linux kernel 安全漏洞
CVE-2025-40087Linux kernel 安全漏洞

IV. Related Vulnerabilities

V. Comments for CVE-2025-40096

暂无评论


发表评论