Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Linux Distros Unpatched Vulnerability : CVE-2025-38475

🗓️ 18 Aug 2025 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 4 Views

CVE-2025-38475: Unpatched; inet_sock in smc_sock causes double-free; make inet_sock first member.

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2025-38475
28 Jul 202511:21
attackerkb
Tenable Nessus		Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2025-1145)
9 Aug 202500:00
nessus
Tenable Nessus		Debian dsa-5975 : ata-modules-6.12.31-armmp-di - security update
8 Dec 202500:00
nessus
Tenable Nessus		openSUSE 16 Security Update : kernel (openSUSE-SU-2025-20081-1)
2 Dec 202500:00
nessus
Tenable Nessus		Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20551)
9 Sep 202500:00
nessus
Tenable Nessus		SUSE SLES15 Security Update : kernel (SUSE-SU-2025:02853-1)
19 Aug 202500:00
nessus
Tenable Nessus		SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2025:02997-1)
28 Aug 202500:00
nessus
Tenable Nessus		SUSE SLES15 Security Update : kernel (SUSE-SU-2025:03011-1)
29 Aug 202500:00
nessus
Tenable Nessus		Ubuntu 24.04 LTS / 25.04 : Linux kernel vulnerabilities (USN-7879-1)
24 Nov 202500:00
nessus
Tenable Nessus		Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-7880-1)
24 Nov 202500:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(251356);
  script_version("1.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/21");

  script_cve_id("CVE-2025-38475");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2025-38475");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inet_sock
    type confusion. syzbot reported weird splats [0][1] in cipso_v4_sock_setattr() while freeing
    inet_sk(sk)->inet_opt. The address was freed multiple times even though it was read-only memory.
    cipso_v4_sock_setattr() did nothing wrong, and the root cause was type confusion. The cited commit made it
    possible to create smc_sock as an INET socket. The issue is that struct smc_sock does not have struct
    inet_sock as the first member but hijacks AF_INET and AF_INET6 sk_family, which confuses various places.
    In this case, inet_sock.inet_opt was actually smc_sock.clcsk_data_ready(), which is an address of a
    function in the text segment. $ pahole -C inet_sock vmlinux struct inet_sock { ... struct ip_options_rcu *
    inet_opt; /* 784 8 */ $ pahole -C smc_sock vmlinux struct smc_sock { ... void (*clcsk_data_ready)(struct
    sock *); /* 784 8 */ The same issue for another field was reported before. [2][3] At that time, an ugly
    hack was suggested [4], but it makes both INET and SMC code error-prone and hard to change. Also, yet
    another variant was fixed by a hacky commit 98d4435efcbf3 (net/smc: prevent NULL pointer dereference in
    txopt_get). Instead of papering over the root cause by such hacks, we should not allow non-INET socket to
    reuse the INET infra. Let's add inet_sock as the first member of smc_sock. [0]: kvfree_call_rcu(): Double-
    freed call. rcu_head 000000006921da73 WARNING: CPU: 0 PID: 6718 at mm/slab_common.c:1956
    kvfree_call_rcu+0x94/0x3f0 mm/slab_common.c:1955 Modules linked in: CPU: 0 UID: 0 PID: 6718 Comm: syz.0.17
    Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT Tainted: [W]=WARN Hardware name: Google Google
    Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 pstate: 60400005 (nZCv daif +PAN -UAO -TCO
    -DIT -SSBS BTYPE=--) pc : kvfree_call_rcu+0x94/0x3f0 mm/slab_common.c:1955 lr : kvfree_call_rcu+0x94/0x3f0
    mm/slab_common.c:1955 sp : ffff8000a03a7730 x29: ffff8000a03a7730 x28: 00000000fffffff5 x27:
    1fffe000184823d3 x26: dfff800000000000 x25: ffff0000c2411e9e x24: ffff0000dd88da00 x23: ffff8000891ac9a0
    x22: 00000000ffffffea x21: ffff8000891ac9a0 x20: ffff8000891ac9a0 x19: ffff80008afc2480 x18:
    00000000ffffffff x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c x14: 1ffff00011ede14c
    x13: 0000000000000004 x12: ffffffffffffffff x11: ffff700011ede14c x10: 0000000000ff0100 x9 :
    5fa3c1ffaf0ff000 x8 : 5fa3c1ffaf0ff000 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff8000a03a7078
    x4 : ffff80008f766c20 x3 : ffff80008054d360 x2 : 0000000000000000 x1 : 0000000000000201 x0 :
    0000000000000000 Call trace: kvfree_call_rcu+0x94/0x3f0 mm/slab_common.c:1955 (P)
    cipso_v4_sock_setattr+0x2f0/0x3f4 net/ipv4/cipso_ipv4.c:1914 netlbl_sock_setattr+0x240/0x334
    net/netlabel/netlabel_kapi.c:1000 smack_netlbl_add+0xa8/0x158 security/smack/smack_lsm.c:2581
    smack_inode_setsecurity+0x378/0x430 security/smack/smack_lsm.c:2912 security_inode_setsecurity+0x118/0x3c0
    security/security.c:2706 __vfs_setxattr_noperm+0x174/0x5c4 fs/xattr.c:251
    __vfs_setxattr_locked+0x1ec/0x218 fs/xattr.c:295 vfs_setxattr+0x158/0x2ac fs/xattr.c:321 do_setxattr
    fs/xattr.c:636 [inline] file_setxattr+0x1b8/0x294 fs/xattr.c:646 path_setxattrat+0x2ac/0x320
    fs/xattr.c:711 __do_sys_fsetxattr fs/xattr.c:761 [inline] __se_sys_fsetxattr fs/xattr.c:758 [inline]
    __arm64_sys_fsetxattr+0xc0/0xdc fs/xattr.c:758 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
    invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c
    arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x58/0x180
    arch/arm64/kernel/entry-common.c:879 el0t_64_sync_handler+0x84/0x12c arch/arm64/kernel/entry-common.c:898
    el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600 [ ---truncated--- (CVE-2025-38475)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2025-38475");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-38475");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/07/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-allwinner-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.14");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.17");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-azure-nvidia-6.14");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gke");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gke-4.15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.15");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-edge");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-intel-5.13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-intel-iot-realtime");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.17");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.13");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-realtime");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-realtime");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-riscv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-starfive-5.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-xilinx");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-22.04", "Host/OS/Ubuntu Linux-24.04", "Host/OS/Ubuntu Linux-25.04", "Host/OS/Ubuntu Linux-25.10");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "linux-hwe-edge"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "linux-aws-5.0"},
          {"reference": "linux-aws-5.3"},
          {"reference": "linux-azure-5.3"},
          {"reference": "linux-azure-cloud-tools-4.15.0"},
          {"reference": "linux-azure-edge"},
          {"reference": "linux-azure-headers-4.15.0"},
          {"reference": "linux-azure-tools-4.15.0"},
          {"reference": "linux-cloud-tools-4.15.0"},
          {"reference": "linux-gcp-5.3"},
          {"reference": "linux-gcp-headers-4.15.0"},
          {"reference": "linux-gcp-tools-4.15.0"},
          {"reference": "linux-gke-4.15"},
          {"reference": "linux-gke-5.4"},
          {"reference": "linux-gkeop-5.4"},
          {"reference": "linux-headers-4.15.0"},
          {"reference": "linux-hwe"},
          {"reference": "linux-hwe-edge"},
          {"reference": "linux-image-4.15.0"},
          {"reference": "linux-image-unsigned-4.15.0"},
          {"reference": "linux-modules-4.15.0"},
          {"reference": "linux-modules-extra-4.15.0"},
          {"reference": "linux-oem-headers-4.15.0"},
          {"reference": "linux-oem-tools-4.15.0"},
          {"reference": "linux-oracle-5.0"},
          {"reference": "linux-oracle-5.3"},
          {"reference": "linux-tools-4.15.0"},
          {"reference": "linux-udebs-azure"},
          {"reference": "linux-udebs-oem"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "linux-aws-5.11"},
          {"reference": "linux-aws-5.13"},
          {"reference": "linux-aws-5.8"},
          {"reference": "linux-azure-5.11"},
          {"reference": "linux-azure-5.13"},
          {"reference": "linux-azure-5.8"},
          {"reference": "linux-azure-fde"},
          {"reference": "linux-buildinfo-5.4.0"},
          {"reference": "linux-buildinfo-5.6.0"},
          {"reference": "linux-cloud-tools-5.4.0"},
          {"reference": "linux-cloud-tools-5.6.0"},
          {"reference": "linux-gcp-5.11"},
          {"reference": "linux-gcp-5.13"},
          {"reference": "linux-gcp-5.8"},
          {"reference": "linux-gke"},
          {"reference": "linux-gke-5.15"},
          {"reference": "linux-gkeop"},
          {"reference": "linux-gkeop-5.15"},
          {"reference": "linux-headers-5.4.0"},
          {"reference": "linux-headers-5.6.0"},
          {"reference": "linux-hwe-5.11"},
          {"reference": "linux-hwe-5.13"},
          {"reference": "linux-hwe-5.8"},
          {"reference": "linux-image-5.4.0"},
          {"reference": "linux-image-unsigned-5.6.0"},
          {"reference": "linux-intel-5.13"},
          {"reference": "linux-libc-dev"},
          {"reference": "linux-modules-5.4.0"},
          {"reference": "linux-modules-5.6.0"},
          {"reference": "linux-modules-extra-5.4.0"},
          {"reference": "linux-modules-extra-5.6.0"},
          {"reference": "linux-oem-5.10"},
          {"reference": "linux-oem-5.13"},
          {"reference": "linux-oem-5.14"},
          {"reference": "linux-oem-5.6-headers-5.6.0"},
          {"reference": "linux-oem-5.6-tools-5.6.0"},
          {"reference": "linux-oem-5.6-tools-common"},
          {"reference": "linux-oem-5.6-tools-host"},
          {"reference": "linux-oracle-5.11"},
          {"reference": "linux-oracle-5.13"},
          {"reference": "linux-oracle-5.8"},
          {"reference": "linux-raspi2"},
          {"reference": "linux-riscv-5.11"},
          {"reference": "linux-riscv-5.8"},
          {"reference": "linux-riscv-headers-5.4.0"},
          {"reference": "linux-riscv-tools-5.4.0"},
          {"reference": "linux-tools-5.4.0"},
          {"reference": "linux-tools-5.6.0"},
          {"reference": "linux-udebs-generic"},
          {"reference": "linux-udebs-oem"}
        ]
      }
    ]
  },
  "Ubuntu Linux-22.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "22.04",
        "pkgs": [
          {"reference": "linux-allwinner-5.19"},
          {"reference": "linux-aws-5.19"},
          {"reference": "linux-aws-6.2"},
          {"reference": "linux-aws-6.5"},
          {"reference": "linux-azure-5.19"},
          {"reference": "linux-azure-6.2"},
          {"reference": "linux-azure-6.5"},
          {"reference": "linux-azure-fde-5.19"},
          {"reference": "linux-azure-fde-6.2"},
          {"reference": "linux-buildinfo-5.15.0"},
          {"reference": "linux-buildinfo-5.17.0"},
          {"reference": "linux-cloud-tools-5.15.0"},
          {"reference": "linux-cloud-tools-5.17.0"},
          {"reference": "linux-gcp-5.19"},
          {"reference": "linux-gcp-6.2"},
          {"reference": "linux-gcp-6.5"},
          {"reference": "linux-headers-5.15.0"},
          {"reference": "linux-headers-5.17.0"},
          {"reference": "linux-hwe-5.19"},
          {"reference": "linux-hwe-6.2"},
          {"reference": "linux-hwe-6.5"},
          {"reference": "linux-image-5.15.0"},
          {"reference": "linux-image-unsigned-5.17.0"},
          {"reference": "linux-intel-iot-realtime"},
          {"reference": "linux-lowlatency-hwe-5.19"},
          {"reference": "linux-lowlatency-hwe-6.2"},
          {"reference": "linux-lowlatency-hwe-6.5"},
          {"reference": "linux-modules-5.15.0"},
          {"reference": "linux-modules-5.17.0"},
          {"reference": "linux-modules-extra-5.15.0"},
          {"reference": "linux-modules-extra-5.17.0"},
          {"reference": "linux-nvidia-6.2"},
          {"reference": "linux-nvidia-6.5"},
          {"reference": "linux-oem-5.17-headers-5.17.0"},
          {"reference": "linux-oem-5.17-tools-5.17.0"},
          {"reference": "linux-oem-5.17-tools-host"},
          {"reference": "linux-oem-6.0"},
          {"reference": "linux-oem-6.1"},
          {"reference": "linux-oem-6.5"},
          {"reference": "linux-oracle-6.5"},
          {"reference": "linux-realtime"},
          {"reference": "linux-riscv-5.19"},
          {"reference": "linux-riscv-6.5"},
          {"reference": "linux-riscv-headers-5.15.0"},
          {"reference": "linux-riscv-tools-5.15.0"},
          {"reference": "linux-starfive-5.19"},
          {"reference": "linux-starfive-6.2"},
          {"reference": "linux-starfive-6.5"},
          {"reference": "linux-tools-5.15.0"},
          {"reference": "linux-tools-5.17.0"}
        ]
      }
    ]
  },
  "Ubuntu Linux-24.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "24.04",
        "pkgs": [
          {"reference": "linux-azure-6.11"},
          {"reference": "linux-azure-fde-6.14"},
          {"reference": "linux-azure-fde-6.17"},
          {"reference": "linux-azure-nvidia-6.14"},
          {"reference": "linux-buildinfo-6.8.0"},
          {"reference": "linux-cloud-tools-6.8.0"},
          {"reference": "linux-gcp-6.11"},
          {"reference": "linux-headers-6.8.0"},
          {"reference": "linux-hwe-6.11"},
          {"reference": "linux-image-6.8.0"},
          {"reference": "linux-lowlatency-hwe-6.11"},
          {"reference": "linux-modules-6.8.0"},
          {"reference": "linux-modules-iwlwifi-6.8.0"},
          {"reference": "linux-nvidia-6.11"},
          {"reference": "linux-oem-6.11"},
          {"reference": "linux-raspi-realtime"},
          {"reference": "linux-realtime"},
          {"reference": "linux-riscv-headers-6.8.0"},
          {"reference": "linux-riscv-tools-6.8.0"},
          {"reference": "linux-tools-6.8.0"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.10": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.10",
        "pkgs": [
          {"reference": "linux-azure-fde"}
        ]
      }
    ]
  },
  "Ubuntu Linux-25.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "25.04",
        "pkgs": [
          {"reference": "linux-azure-fde"},
          {"reference": "linux-xilinx"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 May 2026 00:00Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.15.5
EPSS0.00049
unpatched vulnerabilitylinux smc sockinet sock confusiondouble free riskinet sock fixfirst memberno vendor patch
4