{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T04:00:08.455","vulnerabilities":[{"cve":{"id":"CVE-2025-38049","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-04-18T07:15:43.187","lastModified":"2025-10-01T17:15:45.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors\n\nCommit\n\n  6eac36bb9eb0 (\"x86/resctrl: Allocate the cleanest CLOSID by searching closid_num_dirty_rmid\")\n\nadded logic that causes resctrl to search for the CLOSID with the fewest dirty\ncache lines when creating a new control group, if requested by the arch code.\nThis depends on the values read from the llc_occupancy counters. The logic is\napplicable to architectures where the CLOSID effectively forms part of the\nmonitoring identifier and so do not allow complete freedom to choose an unused\nmonitoring identifier for a given CLOSID.\n\nThis support missed that some platforms may not have these counters.  This\ncauses a NULL pointer dereference when creating a new control group as the\narray was not allocated by dom_data_init().\n\nAs this feature isn't necessary on platforms that don't have cache occupancy\nmonitors, add this to the check that occurs when a new control group is\nallocated."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/resctrl: Se corrige la asignación del CLOSID más limpio en plataformas sin monitores. El commit 6eac36bb9eb0 (\"x86/resctrl: Asignar el CLOSID más limpio buscando closid_num_dirty_rmid\") añadió lógica que hace que resctrl busque el CLOSID con la menor cantidad de líneas de caché sucias al crear un nuevo grupo de control, si así lo solicita el código de la arquitectura. Esto depende de los valores leídos de los contadores llc_occupancy. Esta lógica es aplicable a arquitecturas donde el CLOSID forma parte del identificador de monitorización y, por lo tanto, no permite total libertad para elegir un identificador de monitorización sin usar para un CLOSID determinado. Esta compatibilidad no tuvo en cuenta que algunas plataformas podrían no tener estos contadores. Esto provoca una desreferencia de puntero nulo al crear un nuevo grupo de control, ya que la matriz no fue asignada por dom_data_init(). Como esta función no es necesaria en plataformas que no tienen monitores de ocupación de caché, agregue esto a la verificación que se realiza cuando se asigna un nuevo grupo de control."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.12.23","matchCriteriaId":"10F3EB18-ACA3-4775-AC8D-C1CC227D2763"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.13.11","matchCriteriaId":"E7E864B0-8C00-4679-BA55-659B4C9C3AD3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.14","versionEndExcluding":"6.14.2","matchCriteriaId":"FADAE5D8-4808-442C-B218-77B2CE8780A0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/93a418fc61da13d1ee4047d4d1327990f7a2816a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a121798ae669351ec0697c94f71c3a692b2a755b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a8a1bcc27d4607227088d80483164289b5348293","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ed5addb55e403ad6598102bcf546e068ae01fef6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}