目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2025-71128— Linux kernel 安全漏洞

AI Predicted 5.5 Difficulty: Moderate EPSS 0.12% · P3

Possible ATT&CK Techniques 1AI

T1211 · Exploitation for Stealth

Affected Version Matrix 6

ベンダープロダクトVersion Rangeステータス
LinuxLinuxbb5e62f2d547c4de6d1b144cbce2373a76c33f18< b282b2a9eed848587c1348abdd5d83fa346a2743affected
bb5e62f2d547c4de6d1b144cbce2373a76c33f18< 35ddf66c65eff93fff91406756ba273600bf61a3affected
6.15affected
< 6.15unaffected
6.18.4≤ 6.18.*unaffected
6.19≤ *unaffected
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2025-71128の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
erspan: Initialize options_len before referencing options.
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize options_len before referencing options. The struct ip_tunnel_info has a flexible array member named options that is protected by a counted_by(options_len) attribute. The compiler will use this information to enforce runtime bounds checking deployed by FORTIFY_SOURCE string helpers. As laid out in the GCC documentation, the counter must be initialized before the first reference to the flexible array member. After scanning through the files that use struct ip_tunnel_info and also refer to options or options_len, it appears the normal case is to use the ip_tunnel_info_opts_set() helper. Said helper would initialize options_len properly before copying data into options, however in the GRE ERSPAN code a partial update is done, preventing the use of the helper function. Before this change the handling of ERSPAN traffic in GRE tunnels would cause a kernel panic when the kernel is compiled with GCC 15+ and having FORTIFY_SOURCE configured: memcpy: detected buffer overflow: 4 byte write of buffer size 0 Call Trace: <IRQ> __fortify_panic+0xd/0xf erspan_rcv.cold+0x68/0x83 ? ip_route_input_slow+0x816/0x9d0 gre_rcv+0x1b2/0x1c0 gre_rcv+0x8e/0x100 ? raw_v4_input+0x2a0/0x2b0 ip_protocol_deliver_rcu+0x1ea/0x210 ip_local_deliver_finish+0x86/0x110 ip_local_deliver+0x65/0x110 ? ip_rcv_finish_core+0xd6/0x360 ip_rcv+0x186/0x1a0 Reported-at: https://launchpad.net/bugs/2129580
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于未初始化options_len,可能导致越界访问。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LinuxLinux bb5e62f2d547c4de6d1b144cbce2373a76c33f18 ~ b282b2a9eed848587c1348abdd5d83fa346a2743 -
LinuxLinux 6.15 -

II. CVE-2025-71128の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2025-71128のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Linux · 2026-01-14 · 43 CVEs total

CVE-2025-71112net: hns3: add VLAN id validation before using
CVE-2025-71122iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED
CVE-2025-71108usb: typec: ucsi: Handle incorrect num_connectors capability
CVE-2025-71110mm/slub: reset KASAN tag in defer_free() before accessing freed memory
CVE-2025-71109MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits
CVE-2025-71105f2fs: use global inline_xattr_slab instead of per-sb slab cache
CVE-2025-71104KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer
CVE-2025-71103drm/msm: adreno: fix deferencing ifpc_reglist when not declared
CVE-2025-71102scs: fix a wrong parameter in __scs_magic
CVE-2025-71106fs: PM: Fix reverse check in filesystems_freeze_callback()
CVE-2025-71111hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
CVE-2025-71113crypto: af_alg - zero initialize memory allocated via sock_kmalloc
CVE-2025-71114via_wdt: fix critical boot hang due to unnamed resource allocation
CVE-2025-71115um: init cpu_tasks[] earlier
CVE-2025-71116libceph: make decode_pool() more resilient against corrupted osdmaps
CVE-2025-71117block: Remove queue freezing from several sysfs store callbacks
CVE-2025-71118ACPICA: Avoid walking the Namespace if start_node is NULL
CVE-2025-71120SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf
CVE-2025-71119powerpc/kexec: Enable SMT before waking offline CPUs
CVE-2025-71121parisc: Do not reprogram affinitiy on ASP chip

Showing 20 of 43 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2025-71128へのコメント

匿名ユーザー
2026-01-15 06:08:13

Zaproxy alias impedit expedita quisquam pariatur exercitationem. Nemo rerum eveniet dolores rem quia dignissimos.


コメントを残す