Skip to content

Commit caa9729

Browse files
author
David Fernandez Gonzalez
authored
Merge pull request #68 from oracle-samples/analysis-week-44-2025
CVE analysis - Week 44
2 parents 2315695 + 1617a1f commit caa9729

5 files changed

Lines changed: 44 additions & 0 deletions

File tree

vulns/CVE-2025-38464.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
reachability: Local
2+
memory_corruption: true
3+
bug_class: UaF
4+
impact: LPE, DoS
5+
privileges_required: false
6+
notes: Can be triggered by unprivileged user through namespaces
7+
author: Oracle Corporation
8+
version: v0.1

vulns/CVE-2025-38724.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
reachability: remote
2+
memory_corruption: true
3+
bug_class: UAF
4+
impact: LPE or RCE
5+
privileges_required: false
6+
notes: use-after-free in the NFSv4 client id confirmation code.
7+
author: Oracle Corporation
8+
version: v0.1

vulns/CVE-2025-39946.yml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
reachability: Remote
2+
memory_corruption: true
3+
bug_class: Buffer Overflow
4+
impact: LPE
5+
privileges_required: false
6+
notes: |-
7+
An unprivileged user can create a TCP connection (loopback or network
8+
namespace) and enable kTLS RX through setsockopt() If kTLS is enabled for
9+
inbound connections, then an unprivileged remote attacker can trigger the OOW
10+
kCTF entry exp422
11+
author: Oracle Corporation
12+
version: v0.1

vulns/CVE-2025-39973.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
reachability: VM
2+
memory_corruption: true
3+
bug_class: Buffer Overflow
4+
impact: DoS, information leak, VM escape
5+
privileges_required: false
6+
notes: No host privileges required IF a VF is exposed to the VM
7+
author: Oracle Corporation
8+
version: v0.1

vulns/CVE-2025-39977.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
reachability: Local
2+
memory_corruption: true
3+
bug_class: UaF
4+
impact: LPE, Info Leak
5+
privileges_required: false
6+
notes: ""
7+
author: Oracle Corporation
8+
version: v0.1

0 commit comments

Comments
 (0)