{"schema_version":"1.7.2","id":"OESA-2025-1875","modified":"2025-07-25T13:15:05Z","published":"2025-07-25T13:15:05Z","upstream":["CVE-2025-38337"],"summary":"kernel security update","details":"The Linux Kernel, the operating system core itself.\r\n\r\nSecurity Fix(es):\n\nA vulnerability classified as critical was found in Linux Kernel up to 6.15.3 (Operating System).The CWE definition for the vulnerability is CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.As an impact it is known to affect availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch 5c1a34ff5b0bfdfd2f9343aa9b08d25df618bac5/ec669e5bf409f16e464bfad75f0ba039a45de29a/43d5e3bb5f1dcd91e30238ea0b59a5f77063f84e/23361b479f2700c00960d3ae9cdc8ededa762d47/2e7c64d7a92c031d016f11c8e8cb05131ab7b75a/f78b38af3540b4875147b7b884ee11a27b3dbf4c/a377996d714afb8d4d5f4906336f78510039da29/af98b0157adf6504fade79b3e6cb260c4ff68e37 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38337)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP4","name":"kernel","purl":"pkg:rpm/openEuler/kernel&distro=openEuler-20.03-LTS-SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.19.90-2507.4.0.0337.oe2003sp4"}]}],"ecosystem_specific":{"aarch64":["bpftool-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","bpftool-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-debugsource-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-devel-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-source-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-tools-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-tools-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","kernel-tools-devel-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","perf-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","perf-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","python2-perf-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","python2-perf-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","python3-perf-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm","python3-perf-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.aarch64.rpm"],"src":["kernel-4.19.90-2507.4.0.0337.oe2003sp4.src.rpm"],"x86_64":["bpftool-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","bpftool-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-debugsource-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-devel-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-source-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-tools-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-tools-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","kernel-tools-devel-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","perf-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","perf-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","python2-perf-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","python2-perf-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","python3-perf-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm","python3-perf-debuginfo-4.19.90-2507.4.0.0337.oe2003sp4.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1875"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38337"}],"database_specific":{"severity":"High"}}