Linux Distros のパッチ未適用の脆弱性: CVE-2025-38598

high Nessus プラグイン ID 260155

概要

Linux/Unix ホストには、ベンダーにより修正されていないことを示す脆弱性を持つ複数のパッケージがインストールされています。

説明

Linux/Unix ホストには、ベンダーが提供するパッチが利用できない脆弱性の影響を受ける複数のパッケージがインストールされています。

- drm/amdgpuamdgpu_userq_suspend+0x51a/0x5a0 の use-after-free を修正 [+0.000020] バグ KASANamdgpu_userq_suspend+0x51a/0x5a0 の slab-use-after-free [amdgpu] [+0.000817] サイズの読み取りタスク amd_pci_unplug/1733 による addr ffff88812eec8c58 で 8 [+0.000027] CPU10 UID0 PID1733 通信amd_pci_unplug 汚染GW 6.14.0+ #2 [+0.000009] 汚染 [W]=WARN [+0.000003ハードウェア名ASUS システム製品名/ROG STRIX B550-F GAMING (WI-FI)、BIOS 1401 12/03/2020 [+0.000004] コールトレース[ +0.000004] <TASK> [+0.000003] dump_stack_lvl +0x76/0xa0 [+0.000011] print_report+0xce/0x600 [+0.000009] ? srso_return_thunk+0x5/0x5f [+0.000006] ? kasan_complete_mode_report_info+0x76/0x200 [ +0.000007] ? kasan_addr_to_slab+0xd/0xb0 [ +0.000006] ? amdgpu_userq_suspend+0x51a/0x5a0 [amdgpu] [+0.000707] kasan_report+0xbe/0x110 [+0.000006] ? amdgpu_userq_suspend+0x51a/0x5a0 [amdgpu] [+0.000541]
__asan_report_load8_noabort+0x14/0x30 [+0.000005] amdgpu_userq_suspend+0x51a/0x5a0 [amdgpu] [+0.000535] ? stop_cpsch+0x396/0x600 [amdgpu] [ +0.000556] ? stop_cpsch+0x429/0x600 [amdgpu] [ +0.000536] ?
__pfx_amdgpu_userq_suspend+0x10/0x10 [amdgpu] [+0.000536] ? srso_return_thunk+0x5/0x5f [+0.000004] ? kgd2kfd_suspend+0x132/0x1d0 [amdgpu] [+0.000542] amdgpu_device_fini_hw+0x581/0xe90 [amdgpu] [ +0.000485] ? down_write+0xbb/0x140 [+0.000007] ? __mutex_unlock_slowpath.constprop.0+0x317/0x360 [+0.000005] ?
__pfx_amdgpu_device_fini_hw+0x10/0x10 [amdgpu] [+0.000482] ? __kasan_check_write+0x14/0x30 [ +0.000004] ? srso_return_thunk+0x5/0x5f [+0.000004] ? up_write+0x55/0xb0 [+0.000007] ? srso_return_thunk+0x5/0x5f [+0.000005] ? block_notifier_chain_unregister+0x6c/0xc0 [+0.000008] amdgpu_driver_unload_kms+0x69/0x90 [amdgpu] [+0.000484] amdgpu_pci_remove+0x93/0x130 [amdgpu] [+0.000482] pci_device_remove+0xae/0x1e0x7 [] device_remove+0x7 [] device_remove+0x7 [] device_remove+0x70.000008device_remove+0x7 [] device_remove+0x7 [] 0x180 [+0.000008] device_release_driver_internal+0x3d4/0x5a0 [+0.000007] device_release_driver+0x12/0x20 [+0.000004] pci_stop_bus_device+0x104/0x150 [+0.000006] pci_stop_and_remove_bus_device_locked+0x1b/0x40 [0.000005+ store] + 0xf0 [+0.000005] ?
__pfx_remove_store+0x10/0x10 [+0.000006] ? __pfx__copy_from_iter+0x10/0x10 [+0.000006] ?
__pfx_dev_attr_store+0x10/0x10 [+0.000006] dev_attr_store+0x3f/0x80 [+0.000006] sysfs_kf_write+0x125/0x1d0 [+0.000004] ? srso_return_thunk+0x5/0x5f [+0.000005] ?
__kasan_check_write+0x14/0x30 [+0.000005] kernfs_fop_write_iter+0x2ea/0x490 [+0.000005] ? rw_verify_area+0x70/0x420 [+0.000005] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [+0.000006] vfs_write+0x90d/0xe70 [+0.000005] ? srso_return_thunk+0x5/0x5f [+0.000005] ? __pfx_vfs_write+0x10/0x10 [+0.000004] ? local_clock+0x15/0x30 [ +0.000008] ? srso_return_thunk+0x5/0x5f [+0.000004] ?
__kasan_slab_free+0x5f/0x80 [ +0.000005] ? srso_return_thunk+0x5/0x5f [+0.000004] ?
__kasan_check_read+0x11/0x20 [ +0.000004] ? srso_return_thunk+0x5/0x5f [+0.000004] ? fdget_pos+0x1d3/0x500 [+0.000007] ksys_write+0x119/0x220 [+0.000005] ? putname+0x1c/0x30 [+0.000006] ?
__pfx_ksys_write+0x10/0x10 [+0.000007] __x64_sys_write+0x72/0xc0 [+0.000006] x64_sys_call+0x18ab/0x26f0 [+0.000006] do_syscall_64+0x7c/0x170 [+0.000004] ? srso_return_thunk+0x5/0x5f [+0.000004] ?
__pfx__x64_sys_openat+0x10/0x10 [+0.000006] ? srso_return_thunk+0x5/0x5f [+0.000004] ?
__kasan_check_read+0x11/0x20 [ +0.000003] ? srso_return_thunk+0x5/0x5f [+0.000004] ? fpregs_assert_state_consistent+0x21/0xb0 [+0.000006] ? srso_return_thunk+0x5/0x5f [+0.000004] ? syscall_exit_to_user_mode+0x4e/0x240 [+0.000005] ? srso_return_thunk+0x5/0x5f [+0.000004] ? do_syscall_64+0x88/0x170 [ +0.000003] ? srso_return_thunk+0x5/0x5f [+0.000004] ? irqentry_exit+0x43/0x50 [+0.000004] ? srso_return_thunk+0x5 ---truncated---CVE-2025-38598

Nessus は、ベンダーによって報告されたパッケージの存在に依存していることに注意してください。

ソリューション

現時点で既知の解決策はありません。

参考資料

https://ubuntu.com/security/CVE-2025-38598

プラグインの詳細

深刻度: High

ID: 260155

ファイル名: unpatched_CVE_2025_38598.nasl

バージョン: 1.1

タイプ: local

エージェント: unix

ファミリー: Misc.

公開日: 2025/9/1

更新日: 2025/9/1

サポートされているセンサー: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

リスク情報

VPR

リスクファクター: Medium

スコア: 6.7

CVSS v2

リスクファクター: Low

基本値: 3.6

現状値: 2.7

ベクトル: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS スコアのソース: CVE-2025-38598

CVSS v3

リスクファクター: High

基本値: 7.8

現状値: 6.8

ベクトル: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

現状ベクトル: CVSS:3.0/E:U/RL:O/RC:C

脆弱性情報

CPE: p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-bluefield, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-allwinner-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iot-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-edge, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.13, p-cpe:/a:canonical:ubuntu_linux:linux, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-iot, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg, p-cpe:/a:canonical:ubuntu_linux:linux-gke-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-azure-nvidia, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.0, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gke, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-intel-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.1, p-cpe:/a:canonical:ubuntu_linux:linux-riscv, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, cpe:/o:canonical:ubuntu_linux:24.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-ibm, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-igx, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.17, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.2, cpe:/o:canonical:ubuntu_linux:14.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-raspi, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oracle, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg-5.15, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-raspi2, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-aws, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-oem, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14, p-cpe:/a:canonical:ubuntu_linux:linux-xilinx-zynqmp, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-gcp, cpe:/o:canonical:ubuntu_linux:25.04, p-cpe:/a:canonical:ubuntu_linux:linux-azure, cpe:/o:canonical:ubuntu_linux:22.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.14, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.6, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.8, cpe:/o:canonical:ubuntu_linux:18.04:-:lts

必要な KB アイテム: Host/local_checks_enabled, Host/cpu, global_settings/vendor_unpatched, Host/OS/identifier

エクスプロイトの容易さ: No known exploits are available

脆弱性公開日: 2025/8/19

参照情報

CVE: CVE-2025-38598