检测

Linux Distros 未修补的漏洞:CVE-2025-40351

medium Nessus 插件 ID 279021

语言:

简介

Linux/Unix 主机上安装的一个或多个程序包存在漏洞,但供应商表示不会修补此漏洞。

描述

Linux/Unix 主机中安装的一个或多个程序包受到一个漏洞影响,而供应商没有提供补丁程序。

 - hfsplus修复 hfsplus_delete_cat() 中的 KMSAN uninit-value 问题 syzbot 在 hfsplus_delete_cat() 中报告问题 [ 70.682285][ T9333] ==================== ================================= [70.682943][ T9333] 缺陷KMSAN hfsplus_subfolders_dec 中的 uninit-value +0x1d7/0x220 [ 70.683640][ T9333] hfsplus_subfolders_dec+0x1d7/0x220 [ 70.684141][ T9333] hfsplus_delete_cat+0x105d/0x12b0 [ 70.684621][T9333] hfsplus_rmdir+0x13d/0x310 [ 70.685048][ T9333] vfs_rmdir+0x5ba/0x810 [ 70.685447][ T9333] do_rmdir+0x964/0xea0 [ 70.685833][ T9333] __x64_sys_rmdir+0x71/0xb0 [ 70.686260][ T9333] x64_sys_call+0xcd8/0x3cf0 [ 70.686695][ T9333] do_syscall_64+0xd9/0x1d0 [ 70.687119][ T9333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.687646][ T9333] [ 70.687856][ T9333] Uninit 已存储到内存[ 70.688311][ T9333] hfsplus_subfolders_inc+0x1c2/0x1d0 [ 70.688779][ T9333] hfsplus_create_cat+0x148e/0x1800 [ 70.689231][ T9333] hfsplus_mknod+0x27f/0x600 [ 70.689730][ T9333] hfsplus_mkdir+0x5a/0x70 [ 70.690146] [ T9333] vfs_mkdir+0x483/0x7a0 [ 70.690545][ T9333] do_mkdirat+0x3f2/0xd30 [ 70.690944][ T9333] __x64_sys_mkdir+0x9a/0xf0 [ 70.691380][ T9333] x64_sys_call+0x2f89 /0x3cf0 [ 70.691816][ T9333] do_syscall_64+0xd9/0x1d0 [ 70.692229][ T9333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.692773][ T9333] [ 70.692990][ T9333] Uninit 已存储到内存[ 70.693469][ T9333] hfsplus_subfolders_inc+0x1c2/0x1d0 [ 70.693960][ T9333] hfsplus_create_cat+0x148e/0x1800 [ 70.694438][ T9333] hfsplus_fill_super+0x21c1/0x2700 [ 70.694911][T9333] mount_bdev+ 0x37b/0x530 [ 70.695320][ T9333] hfsplus_mount+0x4d/0x60 [ 70.695729][ T9333] Legacy_get_tree+0x113/0x2c0 [ 70.696167][ T9333] vfs_get_tree+0xb3/0x5c0 [ 70.696588][ T9333] do_new_mount+0x73e/0x1630 [ 70.697013][ T9333] path_mount+0x6e3/0x1eb0 [ 70.697425][ T9333]
 __se_sys_mount+0x733/0x830 [ 70.697857][ T9333] __x64_sys_mount+0xe4/0x150 [ 70.698269][ T9333] x64_sys_call+0x2691/0x3cf0 [ 70.698704][ T9333] do_syscall_64+0xd9/0x1d0 [ 70.699117][ T9333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.699730][ T9333] [ 70.699946][ T9333] Uninit 的创建地址
 [ 70.700378][ T9333] __alloc_pages_noprof+0x714/0xe60 [ 70.700843][ T9333] alloc_pages_mpol_noprof+0x2a2/0x9b0 [ 70.701331][ T9333] alloc_pages_noprof+0xf8/0x1f0 [ 70.701774][T9333] allocate_slab+0x30e /0x1390 [ 70.702194][ T9333] ___slab_alloc+0x1049/0x33a0 [ 70.702635][ T9333] kmem_cache_alloc_lru_noprof+0x5ce/0xb20 [ 70.703153][ T9333] hfsplus_alloc_inode+0x5a/0xd0 [ 70.703598][T9333] alloc_inode +0x82/0x490 [ 70.703984][ T9333] iget_locked+0x22e/0x1320 [ 70.704428][ T9333] hfsplus_iget+0x5c/0xba0 [ 70.704827][ T9333] hfsplus_btree_open+0x135/0x1dd0 [ 70.705291][ T9333] hfsplus_fill_super+0x1132/0x2700 [ 70.705776][ T9333] mount_bdev+0x37b/0x530 [ 70.706171][ T9333] hfsplus_mount+0x4d/0x60 [ 70.706579][ T9333] Legacy_get_tree+0x113/0x2c0 [ 70.707019][ T9333] vfs_get_tree+0xb3/0x5c0 [ 70.707444][ T9333] do_new_mount+0x73e/0x1630 [ 70.707865][ T9333] path_mount+0x6e3/0x1eb0 [ 70.708270][ T9333] __se_sys_mount+0x733/0x830 [ 70.708711][ T9333]
 __x64_sys_mount+0xe4/0x150 [ 70.709158][ T9333] x64_sys_call+0x2691/0x3cf0 [ 70.709630][ T9333] do_syscall_64+0xd9/0x1d0 [ 70.710053][ T9333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.710611][T9333] [ 70.710842][ T9333] CPU: 3 UID: 0 PID: 9333 Comm: repro Not tainted 6.12.0-rc6-dirty #17 [70.711568][ T9333] 硬件名称QEMU Ubuntu 24.04 PC ( i440FX + PIIX,1996,BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 70.712490][ T9333] ================== =================================== [ 70.713085][ T9333] 由于内核感染而禁用锁定调试[ 70.713618][ T9333] 内核错误 - 不同步kmsan.panic 设置了 ... [ 70.714159][ T9333] ---truncated--- (CVE-2025-40351)

请注意,Nessus 依赖供应商报告的程序包是否存在进行判断。

解决方案

目前尚未有任何已知的解决方案。

另见

https://ubuntu.com/security/CVE-2025-40351

插件详情

严重性: Medium

ID: 279021

文件名: unpatched_CVE_2025_40351.nasl

版本: 1.1

类型: local

代理: unix

系列: Misc.

发布时间: 2025/12/17

最近更新时间: 2025/12/17

支持的传感器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

风险信息

VPR

风险因素: Low

分数: 3.2

漏洞信息

CPE: p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.15, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4, cpe:/o:canonical:ubuntu_linux:22.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-edge, p-cpe:/a:canonical:ubuntu_linux:linux, p-cpe:/a:canonical:ubuntu_linux:linux-intel-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-realtime-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.5, cpe:/o:canonical:ubuntu_linux:24.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-raspi, p-cpe:/a:canonical:ubuntu_linux:linux-oracle, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-riscv, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.17, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia, p-cpe:/a:canonical:ubuntu_linux:linux-gcp, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-azure, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gke, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-oem, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.19, cpe:/o:canonical:ubuntu_linux:25.04, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-allwinner-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-azure-nvidia, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-xilinx, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-realtime-6.14, cpe:/o:canonical:ubuntu_linux:25.10, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-azure-nvidia-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-ibm, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-aws, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.17, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-xilinx-zynqmp, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.0, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-raspi2, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iot-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-igx, cpe:/o:canonical:ubuntu_linux:14.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.6, p-cpe:/a:canonical:ubuntu_linux:linux-bluefield, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.1, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-iot, p-cpe:/a:canonical:ubuntu_linux:linux-gke-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.2, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.2

必需的 KB 项: Host/local_checks_enabled, Host/cpu, global_settings/vendor_unpatched, Host/OS/identifier

易利用性: No known exploits are available

漏洞发布日期: 2025/12/16

参考资料信息

CVE: CVE-2025-40351