{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T23:53:26.765","vulnerabilities":[{"cve":{"id":"CVE-2025-37995","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-05-29T14:15:36.043","lastModified":"2025-12-16T20:20:35.617","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn 'lookup_or_create_module_kobject()', an internal kobject is created\nusing 'module_ktype'. So call to 'kobject_put()' on error handling\npath causes an attempt to use an uninitialized completion pointer in\n'module_kobject_release()'. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether 'complete()' is\nactually required makes 'kobject_put()' safe."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: módulo: garantizar que kobject_put() sea seguro para el tipo de módulo kobjects. En 'lookup_or_create_module_kobject()', se crea un kobject interno mediante 'module_ktype'. Por lo tanto, la llamada a 'kobject_put()' en la ruta de gestión de errores provoca un intento de usar un puntero de finalización no inicializado en 'module_kobject_release()'. En este escenario, solo queremos liberar kobject sin una sincronización adicional requerida para un proceso de descarga de módulo normal, por lo que añadir una comprobación adicional si 'complete()' es realmente necesario hace que 'kobject_put()' sea seguro."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-824"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"5.4.294","matchCriteriaId":"CAB28496-7398-4A33-A6B1-3C5F564C74A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.238","matchCriteriaId":"0DAAEF7F-D560-47FC-8B65-20404DB82432"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.183","matchCriteriaId":"94D91ED4-346E-41EE-ACF5-F184C0A863D5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.139","matchCriteriaId":"70A2F216-574B-4B80-86BC-988928D5B83D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.91","matchCriteriaId":"B6826C73-C5C9-430D-84C9-4045DFD72074"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.29","matchCriteriaId":"7215ABCF-8EB1-46CD-8872-8BCE4890E579"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.14.7","matchCriteriaId":"5715A6F5-A34A-4B27-8A64-82825E963995"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc1:*:*:*:*:*:*","matchCriteriaId":"8D465631-2980-487A-8E65-40AE2B9F8ED1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc2:*:*:*:*:*:*","matchCriteriaId":"4C9D071F-B28E-46EC-AC61-22B913390211"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc3:*:*:*:*:*:*","matchCriteriaId":"13FC0DDE-E513-465E-9E81-515702D49B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc4:*:*:*:*:*:*","matchCriteriaId":"8C7B5B0E-4EEB-48F5-B4CF-0935A7633845"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.15:rc5:*:*:*:*:*:*","matchCriteriaId":"2D240580-3048-49B2-9E27-F115A9DF8224"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/31d8df3f303c3ae9115230820977ef8c35c88808","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/93799fb988757cdacf19acba57807746c00378e6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9e7b49ce4f9d0cb5b6e87db9e07a2fb9e754b0dd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a63d99873547d8b39eb2f6db79dd235761e7098a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a6aeb739974ec73e5217c75a7c008a688d3d5cf1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d63851049f412cdfadaeef7a7eaef5031d11c1e9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f1c71b4bd721a4ea21da408806964b10468623f2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/faa9059631d3491d699c69ecf512de9e1a3d6649","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}