Lucene search
+L

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21640)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21640 advisory. - In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using...

5.5CVSS5.3AI score0.00229EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.20 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1421)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : filemap: avoid truncating 64-bit offset to 32 bitsCVE-2025-21665 iomap: avoid avoid truncating 64-bit offset to 32 bitsCVE-2025-21667 fs/proc: fix...

7.8CVSS7AI score0.00373EPSS
Exploits0References51
CBLMariner
CBLMariner
added 2025/05/05 3:7 p.m.8 views

CVE-2025-21640 affecting package kernel for versions less than 5.15.179.1-1

CVE-2025-21640 affecting package kernel for versions less than 5.15.179.1-1. A patched version of the package is available...

5.5CVSS7AI score0.00229EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/03/13 9:13 p.m.6 views

CVE-2025-21640 affecting package kernel for versions less than 6.6.78.1-3

CVE-2025-21640 affecting package kernel for versions less than 6.6.78.1-3. An upgraded version of the package is available that resolves this issue...

5.5CVSS6.4AI score0.00229EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-21640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not...

5.5CVSS6.7AI score0.00229EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/01/20 7:52 a.m.7 views

CVE-2025-21640

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS6.7AI score0.00229EPSS
Exploits0References4
NVD
NVD
added 2025/01/19 11:15 a.m.14 views

CVE-2025-21640

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS0.00229EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2025/01/19 10:17 a.m.5 views

CVE-2025-21640

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS5.6AI score0.00229EPSS
Exploits0
OSV
OSV
added 2025/01/19 10:17 a.m.7 views

CVE-2025-21640 sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

5.5CVSS6AI score0.00229EPSS
Exploits0References13
Cvelist
Cvelist
added 2025/01/19 10:17 a.m.25 views

CVE-2025-21640 sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

0.00229EPSS
Exploits0References7
CVE
CVE
added 2025/01/19 10:17 a.m.185 views

CVE-2025-21640

Summary (CVE-2025-21640) : In the Linux kernel, the sctp: sysctl: cookie_hmac_alg path was fixed to avoid using current->nsproxy. The root cause involved dereferencing current->nsproxy (which can be NULL, e.g., when the task is exiting), leading to an OOPs condition. The patch replaces the ...

5.5CVSS6.9AI score0.00229EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder