Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2022/05/GHSA-p5jc-xg44-9www/GHSA-p5jc-xg44-9www.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p5jc-xg44-9www",
-  "modified": "2022-05-14T03:38:28Z",
+  "modified": "2025-10-23T15:30:19Z",
   "published": "2022-05-14T03:38:28Z",
   "aliases": [
     "CVE-2017-17552"

advisories/unreviewed/2025/02/GHSA-232p-m442-j9m4/GHSA-232p-m442-j9m4.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-232p-m442-j9m4",
-  "modified": "2025-02-27T03:34:02Z",
+  "modified": "2025-10-23T15:30:22Z",
   "published": "2025-02-27T03:34:02Z",
   "aliases": [
     "CVE-2024-57852"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: scm: smc: Handle missing SCM device\n\nCommit ca61d6836e6f (\"firmware: qcom: scm: fix a NULL-pointer\ndereference\") makes it explicit that qcom_scm_get_tzmem_pool() can\nreturn NULL, therefore its users should handle this.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -28,8 +33,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-476"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T03:15:10Z"

advisories/unreviewed/2025/02/GHSA-6v7v-ggwx-mwx7/GHSA-6v7v-ggwx-mwx7.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6v7v-ggwx-mwx7",
-  "modified": "2025-02-27T03:34:01Z",
+  "modified": "2025-10-23T15:30:20Z",
   "published": "2025-02-27T03:34:01Z",
   "aliases": [
     "CVE-2025-21717"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq\n\nkvzalloc_node is not doing a runtime check on the node argument\n(__alloc_pages_node_noprof does have a VM_BUG_ON, but it expands to\nnothing on !CONFIG_DEBUG_VM builds), so doing any ethtool/netlink\noperation that calls mlx5e_open on a CPU that's larger that MAX_NUMNODES\ntriggers OOB access and panic (see the trace below).\n\nAdd missing cpu_to_node call to convert cpu id to node id.\n\n[  165.427394] mlx5_core 0000:5c:00.0 beth1: Link up\n[  166.479327] BUG: unable to handle page fault for address: 0000000800000010\n[  166.494592] #PF: supervisor read access in kernel mode\n[  166.505995] #PF: error_code(0x0000) - not-present page\n...\n[  166.816958] Call Trace:\n[  166.822380]  <TASK>\n[  166.827034]  ? __die_body+0x64/0xb0\n[  166.834774]  ? page_fault_oops+0x2cd/0x3f0\n[  166.843862]  ? exc_page_fault+0x63/0x130\n[  166.852564]  ? asm_exc_page_fault+0x22/0x30\n[  166.861843]  ? __kvmalloc_node_noprof+0x43/0xd0\n[  166.871897]  ? get_partial_node+0x1c/0x320\n[  166.880983]  ? deactivate_slab+0x269/0x2b0\n[  166.890069]  ___slab_alloc+0x521/0xa90\n[  166.898389]  ? __kvmalloc_node_noprof+0x43/0xd0\n[  166.908442]  __kmalloc_node_noprof+0x216/0x3f0\n[  166.918302]  ? __kvmalloc_node_noprof+0x43/0xd0\n[  166.928354]  __kvmalloc_node_noprof+0x43/0xd0\n[  166.938021]  mlx5e_open_channels+0x5e2/0xc00\n[  166.947496]  mlx5e_open_locked+0x3e/0xf0\n[  166.956201]  mlx5e_open+0x23/0x50\n[  166.963551]  __dev_open+0x114/0x1c0\n[  166.971292]  __dev_change_flags+0xa2/0x1b0\n[  166.980378]  dev_change_flags+0x21/0x60\n[  166.988887]  do_setlink+0x38d/0xf20\n[  166.996628]  ? ep_poll_callback+0x1b9/0x240\n[  167.005910]  ? __nla_validate_parse.llvm.10713395753544950386+0x80/0xd70\n[  167.020782]  ? __wake_up_sync_key+0x52/0x80\n[  167.030066]  ? __mutex_lock+0xff/0x550\n[  167.038382]  ? security_capable+0x50/0x90\n[  167.047279]  rtnl_setlink+0x1c9/0x210\n[  167.055403]  ? ep_poll_callback+0x1b9/0x240\n[  167.064684]  ? security_capable+0x50/0x90\n[  167.073579]  rtnetlink_rcv_msg+0x2f9/0x310\n[  167.082667]  ? rtnetlink_bind+0x30/0x30\n[  167.091173]  netlink_rcv_skb+0xb1/0xe0\n[  167.099492]  netlink_unicast+0x20f/0x2e0\n[  167.108191]  netlink_sendmsg+0x389/0x420\n[  167.116896]  __sys_sendto+0x158/0x1c0\n[  167.125024]  __x64_sys_sendto+0x22/0x30\n[  167.133534]  do_syscall_64+0x63/0x130\n[  167.141657]  ? __irq_exit_rcu.llvm.17843942359718260576+0x52/0xd0\n[  167.155181]  entry_SYSCALL_64_after_hwframe+0x4b/0x53",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-125"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T02:15:15Z"

advisories/unreviewed/2025/02/GHSA-6x53-8wjp-mwv4/GHSA-6x53-8wjp-mwv4.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6x53-8wjp-mwv4",
-  "modified": "2025-03-13T15:32:48Z",
+  "modified": "2025-10-23T15:30:21Z",
   "published": "2025-02-27T03:34:02Z",
   "aliases": [
     "CVE-2025-21721"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: handle errors that nilfs_prepare_chunk() may return\n\nPatch series \"nilfs2: fix issues with rename operations\".\n\nThis series fixes BUG_ON check failures reported by syzbot around rename\noperations, and a minor behavioral issue where the mtime of a child\ndirectory changes when it is renamed instead of moved.\n\n\nThis patch (of 2):\n\nThe directory manipulation routines nilfs_set_link() and\nnilfs_delete_entry() rewrite the directory entry in the folio/page\npreviously read by nilfs_find_entry(), so error handling is omitted on the\nassumption that nilfs_prepare_chunk(), which prepares the buffer for\nrewriting, will always succeed for these.  And if an error is returned, it\ntriggers the legacy BUG_ON() checks in each routine.\n\nThis assumption is wrong, as proven by syzbot: the buffer layer called by\nnilfs_prepare_chunk() may call nilfs_get_block() if necessary, which may\nfail due to metadata corruption or other reasons.  This has been there all\nalong, but improved sanity checks and error handling may have made it more\nreproducible in fuzzing tests.\n\nFix this issue by adding missing error paths in nilfs_set_link(),\nnilfs_delete_entry(), and their caller nilfs_rename().",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -48,8 +53,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-617"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T02:15:15Z"

advisories/unreviewed/2025/02/GHSA-c8qg-4xrw-xqmv/GHSA-c8qg-4xrw-xqmv.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c8qg-4xrw-xqmv",
-  "modified": "2025-02-27T03:34:03Z",
+  "modified": "2025-10-23T15:30:22Z",
   "published": "2025-02-27T03:34:03Z",
   "aliases": [
     "CVE-2024-58004"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: intel/ipu6: remove cpu latency qos request on error\n\nFix cpu latency qos list corruption like below. It happens when\nwe do not remove cpu latency request on error path and free\ncorresponding memory.\n\n[   30.634378] l7 kernel: list_add corruption. prev->next should be next (ffffffff9645e960), but was 0000000100100001. (prev=ffff8e9e877e20a8).\n[   30.634388] l7 kernel: WARNING: CPU: 2 PID: 2008 at lib/list_debug.c:32 __list_add_valid_or_report+0x83/0xa0\n<snip>\n[   30.634640] l7 kernel: Call Trace:\n[   30.634650] l7 kernel:  <TASK>\n[   30.634659] l7 kernel:  ? __list_add_valid_or_report+0x83/0xa0\n[   30.634669] l7 kernel:  ? __warn.cold+0x93/0xf6\n[   30.634678] l7 kernel:  ? __list_add_valid_or_report+0x83/0xa0\n[   30.634690] l7 kernel:  ? report_bug+0xff/0x140\n[   30.634702] l7 kernel:  ? handle_bug+0x58/0x90\n[   30.634712] l7 kernel:  ? exc_invalid_op+0x17/0x70\n[   30.634723] l7 kernel:  ? asm_exc_invalid_op+0x1a/0x20\n[   30.634733] l7 kernel:  ? __list_add_valid_or_report+0x83/0xa0\n[   30.634742] l7 kernel:  plist_add+0xdd/0x140\n[   30.634754] l7 kernel:  pm_qos_update_target+0xa0/0x1f0\n[   30.634764] l7 kernel:  cpu_latency_qos_update_request+0x61/0xc0\n[   30.634773] l7 kernel:  intel_dp_aux_xfer+0x4c7/0x6e0 [i915 1f824655ed04687c2b0d23dbce759fa785f6d033]",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -28,8 +33,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-787"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T03:15:11Z"

advisories/unreviewed/2025/02/GHSA-c982-mg4h-7c8x/GHSA-c982-mg4h-7c8x.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c982-mg4h-7c8x",
-  "modified": "2025-02-27T03:34:03Z",
+  "modified": "2025-10-23T15:30:23Z",
   "published": "2025-02-27T03:34:03Z",
   "aliases": [
     "CVE-2024-58008"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: dcp: fix improper sg use with CONFIG_VMAP_STACK=y\n\nWith vmalloc stack addresses enabled (CONFIG_VMAP_STACK=y) DCP trusted\nkeys can crash during en- and decryption of the blob encryption key via\nthe DCP crypto driver. This is caused by improperly using sg_init_one()\nwith vmalloc'd stack buffers (plain_key_blob).\n\nFix this by always using kmalloc() for buffers we give to the DCP crypto\ndriver.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -29,7 +34,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T03:15:11Z"

advisories/unreviewed/2025/02/GHSA-cf23-xh47-rxhj/GHSA-cf23-xh47-rxhj.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cf23-xh47-rxhj",
-  "modified": "2025-02-27T03:34:02Z",
+  "modified": "2025-10-23T15:30:22Z",
   "published": "2025-02-27T03:34:02Z",
   "aliases": [
     "CVE-2024-54456"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()\n\nname is char[64] where the size of clnt->cl_program->name remains\nunknown. Invoking strcat() directly will also lead to potential buffer\noverflow. Change them to strscpy() and strncat() to fix potential\nissues.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -32,8 +37,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-787"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T03:15:10Z"

advisories/unreviewed/2025/02/GHSA-cg84-5crp-xcxj/GHSA-cg84-5crp-xcxj.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cg84-5crp-xcxj",
-  "modified": "2025-02-27T03:34:02Z",
+  "modified": "2025-10-23T15:30:21Z",
   "published": "2025-02-27T03:34:02Z",
   "aliases": [
     "CVE-2025-21730"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid to init mgnt_entry list twice when WoWLAN failed\n\nIf WoWLAN failed in resume flow, the rtw89_ops_add_interface() triggered\nwithout removing the interface first. Then the mgnt_entry list init again,\ncausing the list_empty() check in rtw89_chanctx_ops_assign_vif()\nuseless, and list_add_tail() again. Therefore, we have added a check to\nprevent double adding of the list.\n\nrtw89_8852ce 0000:01:00.0: failed to check wow status disabled\nrtw89_8852ce 0000:01:00.0: wow: failed to check disable fw ready\nrtw89_8852ce 0000:01:00.0: wow: failed to swap to normal fw\nrtw89_8852ce 0000:01:00.0: failed to disable wow\nrtw89_8852ce 0000:01:00.0: failed to resume for wow -110\nrtw89_8852ce 0000:01:00.0: MAC has already powered on\ni2c_hid_acpi i2c-ILTK0001:00: PM: acpi_subsys_resume+0x0/0x60 returned 0 after 284705 usecs\nlist_add corruption. prev->next should be next (ffff9d9719d82228), but was ffff9d9719f96030. (prev=ffff9d9719f96030).\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:34!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 2 PID: 6918 Comm: kworker/u8:19 Tainted: G     U     O\nHardware name: Google Anraggar/Anraggar, BIOS Google_Anraggar.15217.514.0 03/25/2024\nWorkqueue: events_unbound async_run_entry_fn\nRIP: 0010:__list_add_valid_or_report+0x9f/0xb0\nCode: e8 56 89 ff ff 0f 0b 48 c7 c7 3e fc e0 96 48 89 c6 e8 45 89 ff ...\nRSP: 0018:ffffa51b42bbbaf0 EFLAGS: 00010246\nRAX: 0000000000000075 RBX: ffff9d9719d82ab0 RCX: 13acb86e047a4400\nRDX: 3fffffffffffffff RSI: 0000000000000000 RDI: 00000000ffffdfff\nRBP: ffffa51b42bbbb28 R08: ffffffff9768e250 R09: 0000000000001fff\nR10: ffffffff9765e250 R11: 0000000000005ffd R12: ffff9d9719f95c40\nR13: ffff9d9719f95be8 R14: ffff9d97081bfd78 R15: ffff9d9719d82060\nFS:  0000000000000000(0000) GS:ffff9d9a6fb00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007e7d029a4060 CR3: 0000000345e38000 CR4: 0000000000750ee0\nPKRU: 55555554\nCall Trace:\n <TASK>\n ? __die_body+0x68/0xb0\n ? die+0xaa/0xd0\n ? do_trap+0x9f/0x170\n ? __list_add_valid_or_report+0x9f/0xb0\n ? __list_add_valid_or_report+0x9f/0xb0\n ? handle_invalid_op+0x69/0x90\n ? __list_add_valid_or_report+0x9f/0xb0\n ? exc_invalid_op+0x3c/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_add_valid_or_report+0x9f/0xb0\n rtw89_chanctx_ops_assign_vif+0x1f9/0x210 [rtw89_core cbb375c44bf28564ce479002bff66617a25d9ac1]\n ? __mutex_unlock_slowpath+0xa0/0xf0\n rtw89_ops_assign_vif_chanctx+0x4b/0x90 [rtw89_core cbb375c44bf28564ce479002bff66617a25d9ac1]\n drv_assign_vif_chanctx+0xa7/0x1f0 [mac80211 6efaad16237edaaea0868b132d4f93ecf918a8b6]\n ieee80211_reconfig+0x9cb/0x17b0 [mac80211 6efaad16237edaaea0868b132d4f93ecf918a8b6]\n ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed]\n ? dev_printk_emit+0x51/0x70\n ? _dev_info+0x6e/0x90\n wiphy_resume+0x89/0x180 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed]\n ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed]\n dpm_run_callback+0x37/0x1e0\n device_resume+0x26d/0x4b0\n ? __pfx_dpm_watchdog_handler+0x10/0x10\n async_resume+0x1d/0x30\n async_run_entry_fn+0x29/0xd0\n worker_thread+0x397/0x970\n kthread+0xed/0x110\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x38/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n </TASK>",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -29,7 +34,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T02:15:16Z"

advisories/unreviewed/2025/02/GHSA-cvf5-p5mj-6r49/GHSA-cvf5-p5mj-6r49.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cvf5-p5mj-6r49",
-  "modified": "2025-03-13T15:32:48Z",
+  "modified": "2025-10-23T15:30:21Z",
   "published": "2025-02-27T03:34:01Z",
   "aliases": [
     "CVE-2025-21719"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n  mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n  mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n  mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n  ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n  rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n  rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n  netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n  netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n  sock_recvmsg_nosec net/socket.c:1033 [inline]\n  sock_recvmsg net/socket.c:1055 [inline]\n  sock_read_iter+0x2d8/0x40c net/socket.c:1125\n  new_sync_read fs/read_write.c:484 [inline]\n  vfs_read+0x740/0x970 fs/read_write.c:565\n  ksys_read+0x15c/0x26c fs/read_write.c:708",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -48,8 +53,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-125"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T02:15:15Z"

advisories/unreviewed/2025/02/GHSA-f47w-fp34-vr9h/GHSA-f47w-fp34-vr9h.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-f47w-fp34-vr9h",
-  "modified": "2025-03-13T15:32:48Z",
+  "modified": "2025-10-23T15:30:21Z",
   "published": "2025-02-27T03:34:02Z",
   "aliases": [
     "CVE-2025-21728"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Send signals asynchronously if !preemptible\n\nBPF programs can execute in all kinds of contexts and when a program\nrunning in a non-preemptible context uses the bpf_send_signal() kfunc,\nit will cause issues because this kfunc can sleep.\nChange `irqs_disabled()` to `!preemptible()`.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -49,7 +54,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-02-27T02:15:16Z"