{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-37995", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.976Z", "datePublished": "2025-05-29T13:15:54.095Z", "dateUpdated": "2025-06-04T12:57:43.549Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-06-04T12:57:43.549Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn 'lookup_or_create_module_kobject()', an internal kobject is created\nusing 'module_ktype'. So call to 'kobject_put()' on error handling\npath causes an attempt to use an uninitialized completion pointer in\n'module_kobject_release()'. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether 'complete()' is\nactually required makes 'kobject_put()' safe."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/params.c"], "versions": [{"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "93799fb988757cdacf19acba57807746c00378e6", "status": "affected", "versionType": "git"}, {"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "a63d99873547d8b39eb2f6db79dd235761e7098a", "status": "affected", "versionType": "git"}, {"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "f1c71b4bd721a4ea21da408806964b10468623f2", "status": "affected", "versionType": "git"}, {"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "9e7b49ce4f9d0cb5b6e87db9e07a2fb9e754b0dd", "status": "affected", "versionType": "git"}, {"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "faa9059631d3491d699c69ecf512de9e1a3d6649", "status": "affected", "versionType": "git"}, {"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "d63851049f412cdfadaeef7a7eaef5031d11c1e9", "status": "affected", "versionType": "git"}, {"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "31d8df3f303c3ae9115230820977ef8c35c88808", "status": "affected", "versionType": "git"}, {"version": "942e443127e928a5631c3d5102aca8c8b3c2dd98", "lessThan": "a6aeb739974ec73e5217c75a7c008a688d3d5cf1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/params.c"], "versions": [{"version": "3.12", "status": "affected"}, {"version": "0", "lessThan": "3.12", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.294", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.238", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.183", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.139", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.91", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.29", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14.7", "lessThanOrEqual": "6.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "5.4.294"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "5.10.238"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "5.15.183"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "6.1.139"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "6.6.91"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "6.12.29"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "6.14.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12", "versionEndExcluding": "6.15"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/93799fb988757cdacf19acba57807746c00378e6"}, {"url": "https://git.kernel.org/stable/c/a63d99873547d8b39eb2f6db79dd235761e7098a"}, {"url": "https://git.kernel.org/stable/c/f1c71b4bd721a4ea21da408806964b10468623f2"}, {"url": "https://git.kernel.org/stable/c/9e7b49ce4f9d0cb5b6e87db9e07a2fb9e754b0dd"}, {"url": "https://git.kernel.org/stable/c/faa9059631d3491d699c69ecf512de9e1a3d6649"}, {"url": "https://git.kernel.org/stable/c/d63851049f412cdfadaeef7a7eaef5031d11c1e9"}, {"url": "https://git.kernel.org/stable/c/31d8df3f303c3ae9115230820977ef8c35c88808"}, {"url": "https://git.kernel.org/stable/c/a6aeb739974ec73e5217c75a7c008a688d3d5cf1"}], "title": "module: ensure that kobject_put() is safe for module type kobjects", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn 'lookup_or_create_module_kobject()', an internal kobject is created\nusing 'module_ktype'. So call to 'kobject_put()' on error handling\npath causes an attempt to use an uninitialized completion pointer in\n'module_kobject_release()'. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether 'complete()' is\nactually required makes 'kobject_put()' safe."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: m\u00f3dulo: garantizar que kobject_put() sea seguro para el tipo de m\u00f3dulo kobjects. En 'lookup_or_create_module_kobject()', se crea un kobject interno mediante 'module_ktype'. Por lo tanto, la llamada a 'kobject_put()' en la ruta de gesti\u00f3n de errores provoca un intento de usar un puntero de finalizaci\u00f3n no inicializado en 'module_kobject_release()'. En este escenario, solo queremos liberar kobject sin una sincronizaci\u00f3n adicional requerida para un proceso de descarga de m\u00f3dulo normal, por lo que a\u00f1adir una comprobaci\u00f3n adicional si 'complete()' es realmente necesario hace que 'kobject_put()' sea seguro."}], "id": "CVE-2025-37995", "lastModified": "2025-06-04T13:15:28.403", "metrics": {}, "published": "2025-05-29T14:15:36.043", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/31d8df3f303c3ae9115230820977ef8c35c88808"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/93799fb988757cdacf19acba57807746c00378e6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9e7b49ce4f9d0cb5b6e87db9e07a2fb9e754b0dd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a63d99873547d8b39eb2f6db79dd235761e7098a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a6aeb739974ec73e5217c75a7c008a688d3d5cf1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d63851049f412cdfadaeef7a7eaef5031d11c1e9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f1c71b4bd721a4ea21da408806964b10468623f2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/faa9059631d3491d699c69ecf512de9e1a3d6649"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: module: ensure that kobject_put() is safe for module type kobjects", "id": "2369191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369191"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmodule: ensure that kobject_put() is safe for module type kobjects\nIn 'lookup_or_create_module_kobject()', an internal kobject is created\nusing 'module_ktype'. So call to 'kobject_put()' on error handling\npath causes an attempt to use an uninitialized completion pointer in\n'module_kobject_release()'. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether 'complete()' is\nactually required makes 'kobject_put()' safe."], "name": "CVE-2025-37995", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-37995\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-37995\nhttps://lore.kernel.org/linux-cve-announce/2025052902-CVE-2025-37995-2117@gregkh/T"], "threat_severity": "Moderate"}