CVE-2025-40178— Linux kernel 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2025-40178の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
pid: Add a judgment for ns null in pid_nr_ns
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pid_nr_ns __task_pid_nr_ns ns = task_active_pid_ns(current); pid_nr_ns(rcu_dereference(*task_pid_ptr(task, type)), ns); if (pid && ns->level <= pid->level) { Sometimes null is returned for task_active_pid_ns. Then it will trigger kernel panic in pid_nr_ns. For example: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058 Mem abort info: ESR = 0x0000000096000007 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x07: level 3 translation fault Data abort info: ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 user pgtable: 4k pages, 39-bit VAs, pgdp=00000002175aa000 [0000000000000058] pgd=08000002175ab003, p4d=08000002175ab003, pud=08000002175ab003, pmd=08000002175be003, pte=0000000000000000 pstate: 834000c5 (Nzcv daIF +PAN -UAO +TCO +DIT -SSBS BTYPE=--) pc : __task_pid_nr_ns+0x74/0xd0 lr : __task_pid_nr_ns+0x24/0xd0 sp : ffffffc08001bd10 x29: ffffffc08001bd10 x28: ffffffd4422b2000 x27: 0000000000000001 x26: ffffffd442821168 x25: ffffffd442821000 x24: 00000f89492eab31 x23: 00000000000000c0 x22: ffffff806f5693c0 x21: ffffff806f5693c0 x20: 0000000000000001 x19: 0000000000000000 x18: 0000000000000000 x17: 00000000529c6ef0 x16: 00000000529c6ef0 x15: 00000000023a1adc x14: 0000000000000003 x13: 00000000007ef6d8 x12: 001167c391c78800 x11: 00ffffffffffffff x10: 0000000000000000 x9 : 0000000000000001 x8 : ffffff80816fa3c0 x7 : 0000000000000000 x6 : 49534d702d535449 x5 : ffffffc080c4c2c0 x4 : ffffffd43ee128c8 x3 : ffffffd43ee124dc x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffffff806f5693c0 Call trace: __task_pid_nr_ns+0x74/0xd0 ... __handle_irq_event_percpu+0xd4/0x284 handle_irq_event+0x48/0xb0 handle_fasteoi_irq+0x160/0x2d8 generic_handle_domain_irq+0x44/0x60 gic_handle_irq+0x4c/0x114 call_on_irq_stack+0x3c/0x74 do_interrupt_handler+0x4c/0x84 el1_interrupt+0x34/0x58 el1h_64_irq_handler+0x18/0x24 el1h_64_irq+0x68/0x6c account_kernel_stack+0x60/0x144 exit_task_stack_account+0x1c/0x80 do_exit+0x7e4/0xaf8 ... get_signal+0x7bc/0x8d8 do_notify_resume+0x128/0x828 el0_svc+0x6c/0x70 el0t_64_sync_handler+0x68/0xbc el0t_64_sync+0x1a8/0x1ac Code: 35fffe54 911a02a8 f9400108 b4000128 (b9405a69) ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Oops: Fatal exception in interrupt
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于pid_nr_ns函数未检查ns空指针,可能导致内核崩溃。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2025-40178の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2025-40178のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Linux · 2025-11-12 · 96 CVEs total
| CVE-2025-40175 | idpf: cleanup remaining SKBs in PTP flows | |
| CVE-2025-40170 | net: use dst_dev_rcu() in sk_setup_caps() | |
| CVE-2025-40171 | nvmet-fc: move lsop put work to nvmet_fc_ls_req_op | |
| CVE-2025-40167 | ext4: detect invalid INLINE_DATA + EXTENTS flag combination | |
| CVE-2025-40164 | usbnet: Fix using smp_processor_id() in preemptible code warnings | |
| CVE-2025-40162 | ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails | |
| CVE-2025-40163 | sched/deadline: Stop dl_server before CPU goes offline | |
| CVE-2025-40161 | mailbox: zynqmp-ipi: Fix SGI cleanup on unbind | |
| CVE-2025-40166 | drm/xe/guc: Check GuC running state before deregistering exec queue | |
| CVE-2025-40174 | x86/mm: Fix SMP ordering in switch_mm_irqs_off() | |
| CVE-2025-40172 | accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() | |
| CVE-2025-40176 | tls: wait for pending async decryptions if tls_strp_msg_hold fails | |
| CVE-2025-40173 | net/ip6_tunnel: Prevent perpetual tunnel growth | |
| CVE-2025-40177 | accel/qaic: Fix bootlog initialization ordering | |
| CVE-2025-40179 | ext4: verify orphan file size is not too big | |
| CVE-2025-40180 | mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop | |
| CVE-2025-40181 | x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP | |
| CVE-2025-40183 | bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} | |
| CVE-2025-40182 | crypto: skcipher - Fix reqsize handling | |
| CVE-2025-40184 | KVM: arm64: Fix debug checking for np-guests using huge mappings |
Showing 20 of 96 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
同じベンダー: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. CVE-2025-40178へのコメント
まだコメントはありません