[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-38415":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":168,"related":169,"reserved_at":9,"published_at":188,"modified_at":189,"state":190,"summary":191,"references_raw":200,"kevs":245,"epss":246,"epss_history":249,"metrics":525,"affected":531},"CVE-2025-38415","In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check return result of sb_min_blocksize\n\nSyzkaller reports an \"UBSAN: shift-out-of-bounds in squashfs_bio_read\" bug.\n\nSyzkaller forks multiple processes which after mounting the Squashfs\nfilesystem, issues an ioctl(\"/dev/loop0\", LOOP_SET_BLOCK_SIZE, 0x8000). \nNow if this ioctl occurs at the same time another process is in the\nprocess of mounting a Squashfs filesystem on /dev/loop0, the failure\noccurs.  When this happens the following code in squashfs_fill_super()\nfails.\n\n----\nmsblk->devblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE);\nmsblk->devblksize_log2 = ffz(~msblk->devblksize);\n----\n\nsb_min_blocksize() returns 0, which means msblk->devblksize is set to 0.\n\nAs a result, ffz(~msblk->devblksize) returns 64, and msblk->devblksize_log2\nis set to 64.\n\nThis subsequently causes the\n\nUBSAN: shift-out-of-bounds in fs/squashfs/block.c:195:36\nshift exponent 64 is too large for 64-bit type 'u64' (aka\n'unsigned long long')\n\nThis commit adds a check for a 0 return by sb_min_blocksize().",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158,160,162,164,166],{"_key":25},"SUSE-SU-2025:02846-1",{"_key":27},"SUSE-SU-2025:02853-1",{"_key":29},"SUSE-SU-2025:02923-1",{"_key":31},"USN-7770-1",{"_key":33},"USN-7789-2",{"_key":35},"SUSE-SU-2025:02969-1",{"_key":37},"SUSE-SU-2025:03023-1",{"_key":39},"DLA-4327-1",{"_key":41},"DLA-4328-1",{"_key":43},"DSA-5973-1",{"_key":45},"SUSE-SU-2025:02997-1",{"_key":47},"SUSE-SU-2025:03011-1",{"_key":49},"SUSE-SU-2025:20577-1",{"_key":51},"SUSE-SU-2025:20586-1",{"_key":53},"SUSE-SU-2025:20601-1",{"_key":55},"SUSE-SU-2025:20602-1",{"_key":57},"SUSE-SU-2025:21074-1",{"_key":59},"SUSE-SU-2025:21139-1",{"_key":61},"SUSE-SU-2025:21179-1",{"_key":63},"SUSE-SU-2025:02996-1",{"_key":65},"OPENSUSE-SU-2025:20081-1",{"_key":67},"RHSA-2026:2766",{"_key":69},"RHSA-2026:3268",{"_key":71},"RHSA-2026:3277",{"_key":73},"RHSA-2026:3293",{"_key":75},"RHSA-2026:3375",{"_key":77},"RHSA-2026:3388",{"_key":79},"RHSA-2026:3579",{"_key":81},"RHSA-2026:3634",{"_key":83},"RHSA-2026:3685",{"_key":85},"MGASA-2025-0218",{"_key":87},"MGASA-2025-0219",{"_key":89},"RHSA-2026:3360",{"_key":91},"DEBIAN-CVE-2025-38415",{"_key":93},"RHSA-2026:2282",{"_key":95},"RHSA-2026:3088",{"_key":97},"RHSA-2026:3267",{"_key":99},"RHSA-2026:3358",{"_key":101},"USN-8028-1",{"_key":103},"USN-8028-2",{"_key":105},"USN-8028-3",{"_key":107},"USN-8028-4",{"_key":109},"USN-8028-5",{"_key":111},"USN-8028-6",{"_key":113},"USN-8028-7",{"_key":115},"USN-8028-8",{"_key":117},"USN-8031-1",{"_key":119},"USN-8031-2",{"_key":121},"USN-8031-3",{"_key":123},"USN-8052-1",{"_key":125},"USN-8052-2",{"_key":127},"USN-8074-1",{"_key":129},"USN-8074-2",{"_key":131},"USN-8126-1",{"_key":133},"RHSA-2026:1661",{"_key":135},"RHSA-2026:1662",{"_key":137},"RHSA-2026:2212",{"_key":139},"UBUNTU-CVE-2025-38415",{"_key":141},"USN-7774-1",{"_key":143},"USN-7774-2",{"_key":145},"USN-7774-3",{"_key":147},"USN-7774-4",{"_key":149},"USN-7774-5",{"_key":151},"USN-7775-1",{"_key":153},"USN-7775-2",{"_key":155},"USN-7775-3",{"_key":157},"USN-7776-1",{"_key":159},"USN-7769-1",{"_key":161},"USN-7769-2",{"_key":163},"USN-7769-3",{"_key":165},"USN-7771-1",{"_key":167},"USN-7789-1",[],[170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187],{"_key":25},{"_key":27},{"_key":29},{"_key":35},{"_key":37},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":85},{"_key":87},"2025-07-25T13:32:09.711Z","2026-05-11T21:27:32.721Z","Analyzed",{"cisa_kev":192,"cisa_ransomware":192,"cisa_vendor":9,"epss_severity":193,"epss_score":194,"severity":195,"severity_score":196,"severity_version":197,"severity_source":198,"severity_vector":199,"severity_status":190},false,"low",0.00094,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[201,207,211,215,219,223,227,231,235,241],{"url":202,"sources":203,"tags":205},"https://git.kernel.org/stable/c/db7096ea160e40d78c67fce52e7cc51bde049497",[204,198],"cve.org",[206],"Patch",{"url":208,"sources":209,"tags":210},"https://git.kernel.org/stable/c/549f9e3d7b60d53808c98b9fde49b4f46d0524a5",[204,198],[206],{"url":212,"sources":213,"tags":214},"https://git.kernel.org/stable/c/5c51aa862cbeed2f3887f0382a2708956710bd68",[204,198],[206],{"url":216,"sources":217,"tags":218},"https://git.kernel.org/stable/c/6abf6b78c6fb112eee495f5636ffcc350dd2ce25",[204,198],[206],{"url":220,"sources":221,"tags":222},"https://git.kernel.org/stable/c/4f99357dadbf9c979ad737156ad4c37fadf7c56b",[204,198],[206],{"url":224,"sources":225,"tags":226},"https://git.kernel.org/stable/c/0aff95d9bc7fb5400ca8af507429c4b067bdb425",[204,198],[206],{"url":228,"sources":229,"tags":230},"https://git.kernel.org/stable/c/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282",[204,198],[206],{"url":232,"sources":233,"tags":234},"https://git.kernel.org/stable/c/734aa85390ea693bb7eaf2240623d41b03705c84",[204,198],[206],{"url":236,"sources":237,"tags":238},"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",[204,198],[239,240],"Third Party Advisory","Mailing List",{"url":242,"sources":243,"tags":244},"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",[204,198],[239,240],[],{"date":247,"score":194,"percentile":248},"2026-06-04",0.26123,[250,254,257,260,263,266,269,272,275,278,281,284,286,289,292,296,299,302,305,308,311,315,318,321,324,327,330,333,336,339,342,345,348,352,355,358,361,364,367,370,373,376,379,382,385,388,391,394,397,401,404,408,411,414,418,421,424,427,430,433,437,440,443,446,449,452,455,458,461,464,467,470,473,476,479,482,485,488,491,494,497,500,503,506,509,511,514,517,519,522],{"date":251,"score":252,"percentile":253},"2025-11-04",0.00071,0.22122,{"date":255,"score":252,"percentile":256},"2025-11-05",0.22119,{"date":258,"score":252,"percentile":259},"2025-11-06",0.2213,{"date":261,"score":252,"percentile":262},"2025-11-07",0.22148,{"date":264,"score":252,"percentile":265},"2025-11-08",0.22157,{"date":267,"score":252,"percentile":268},"2025-11-09",0.22111,{"date":270,"score":252,"percentile":271},"2025-11-10",0.22047,{"date":273,"score":252,"percentile":274},"2025-11-11",0.22071,{"date":276,"score":252,"percentile":277},"2025-11-12",0.22126,{"date":279,"score":252,"percentile":280},"2025-11-13",0.22136,{"date":282,"score":252,"percentile":283},"2025-11-14",0.22127,{"date":285,"score":252,"percentile":268},"2025-11-15",{"date":287,"score":252,"percentile":288},"2025-11-16",0.22062,{"date":290,"score":252,"percentile":291},"2025-11-17",0.22023,{"date":293,"score":294,"percentile":295},"2025-11-18",0.00049,0.1066,{"date":297,"score":294,"percentile":298},"2025-11-19",0.10678,{"date":300,"score":294,"percentile":301},"2025-11-20",0.10705,{"date":303,"score":252,"percentile":304},"2025-11-21",0.21984,{"date":306,"score":252,"percentile":307},"2025-11-22",0.21982,{"date":309,"score":252,"percentile":310},"2025-11-23",0.21945,{"date":312,"score":313,"percentile":314},"2025-11-24",0.00092,0.26516,{"date":316,"score":313,"percentile":317},"2025-11-25",0.26511,{"date":319,"score":313,"percentile":320},"2025-11-26",0.26501,{"date":322,"score":313,"percentile":323},"2025-11-27",0.265,{"date":325,"score":313,"percentile":326},"2025-11-28",0.2647,{"date":328,"score":313,"percentile":329},"2025-11-29",0.26452,{"date":331,"score":313,"percentile":332},"2025-11-30",0.26414,{"date":334,"score":313,"percentile":335},"2025-12-01",0.26461,{"date":337,"score":313,"percentile":338},"2025-12-02",0.26484,{"date":340,"score":313,"percentile":341},"2025-12-03",0.26491,{"date":343,"score":313,"percentile":344},"2025-12-04",0.26428,{"date":346,"score":313,"percentile":347},"2025-12-05",0.26466,{"date":349,"score":350,"percentile":351},"2025-12-06",0.00068,0.21013,{"date":353,"score":350,"percentile":354},"2025-12-07",0.20991,{"date":356,"score":350,"percentile":357},"2025-12-08",0.21007,{"date":359,"score":350,"percentile":360},"2025-12-09",0.21057,{"date":362,"score":350,"percentile":363},"2025-12-10",0.21134,{"date":365,"score":350,"percentile":366},"2025-12-11",0.21176,{"date":368,"score":350,"percentile":369},"2025-12-12",0.2119,{"date":371,"score":350,"percentile":372},"2025-12-13",0.21191,{"date":374,"score":350,"percentile":375},"2025-12-14",0.21159,{"date":377,"score":350,"percentile":378},"2025-12-15",0.21137,{"date":380,"score":350,"percentile":381},"2025-12-16",0.21162,{"date":383,"score":350,"percentile":384},"2025-12-17",0.21238,{"date":386,"score":350,"percentile":387},"2025-12-18",0.21321,{"date":389,"score":350,"percentile":390},"2025-12-19",0.21339,{"date":392,"score":350,"percentile":393},"2025-12-20",0.21316,{"date":395,"score":350,"percentile":396},"2025-12-21",0.21264,{"date":398,"score":399,"percentile":400},"2025-12-22",0.00066,0.20562,{"date":402,"score":399,"percentile":403},"2025-12-23",0.20559,{"date":405,"score":406,"percentile":407},"2025-12-24",0.00018,0.03893,{"date":409,"score":406,"percentile":410},"2025-12-25",0.03932,{"date":412,"score":406,"percentile":413},"2025-12-26",0.03926,{"date":415,"score":416,"percentile":417},"2025-12-27",0.00014,0.01943,{"date":419,"score":406,"percentile":420},"2025-12-28",0.03928,{"date":422,"score":406,"percentile":423},"2025-12-29",0.03919,{"date":425,"score":406,"percentile":426},"2025-12-30",0.03864,{"date":428,"score":406,"percentile":429},"2025-12-31",0.03879,{"date":431,"score":406,"percentile":432},"2026-01-01",0.03967,{"date":434,"score":435,"percentile":436},"2026-01-02",0.00025,0.06491,{"date":438,"score":435,"percentile":439},"2026-01-03",0.06478,{"date":441,"score":435,"percentile":442},"2026-01-04",0.06321,{"date":444,"score":435,"percentile":445},"2026-01-05",0.06268,{"date":447,"score":435,"percentile":448},"2026-01-06",0.06276,{"date":450,"score":435,"percentile":451},"2026-01-07",0.063,{"date":453,"score":435,"percentile":454},"2026-01-08",0.06357,{"date":456,"score":435,"percentile":457},"2026-01-09",0.0636,{"date":459,"score":435,"percentile":460},"2026-01-10",0.06381,{"date":462,"score":435,"percentile":463},"2026-01-11",0.06379,{"date":465,"score":435,"percentile":466},"2026-01-12",0.06352,{"date":468,"score":435,"percentile":469},"2026-01-13",0.06335,{"date":471,"score":435,"percentile":472},"2026-01-14",0.06387,{"date":474,"score":435,"percentile":475},"2026-01-15",0.06393,{"date":477,"score":435,"percentile":478},"2026-01-16",0.06409,{"date":480,"score":435,"percentile":481},"2026-01-17",0.06421,{"date":483,"score":435,"percentile":484},"2026-01-18",0.06418,{"date":486,"score":435,"percentile":487},"2026-01-19",0.06392,{"date":489,"score":435,"percentile":490},"2026-01-20",0.06351,{"date":492,"score":435,"percentile":493},"2026-01-21",0.06349,{"date":495,"score":435,"percentile":496},"2026-01-22",0.06315,{"date":498,"score":435,"percentile":499},"2026-01-23",0.06385,{"date":501,"score":435,"percentile":502},"2026-01-24",0.06426,{"date":504,"score":435,"percentile":505},"2026-01-25",0.06388,{"date":507,"score":435,"percentile":508},"2026-01-26",0.06375,{"date":510,"score":435,"percentile":457},"2026-01-27",{"date":512,"score":435,"percentile":513},"2026-01-28",0.06334,{"date":515,"score":435,"percentile":516},"2026-01-29",0.06333,{"date":518,"score":435,"percentile":466},"2026-01-30",{"date":520,"score":435,"percentile":521},"2026-01-31",0.06348,{"date":523,"score":435,"percentile":524},"2026-02-01",0.06394,[526],{"source":198,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":527,"cvss_v4_0":9},{"baseScore":196,"baseSeverity":528,"vectorString":199,"impactScore":529,"exploitabilityScore":530},"HIGH",9.8,4.6,[532,541,576],{"ecosystem":9,"name":533,"vendor":534,"product":535,"cpe_part":536,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":537},"debian linux","debian","debian_linux","o",[538],{"version":539,"is_range":192,"range_type":540,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0","cpe",{"ecosystem":9,"name":542,"vendor":543,"product":543,"cpe_part":544,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":545},"Linux","linux","a",[546,553,556,559,562,565,568,571,574],{"version":547,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":551,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C db7096ea160e40d78c67fce52e7cc51bde049497",true,"0aa666190509ffab81c202c5095a166be23961ac","including","db7096ea160e40d78c67fce52e7cc51bde049497","excluding",{"version":554,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":555,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C 549f9e3d7b60d53808c98b9fde49b4f46d0524a5","549f9e3d7b60d53808c98b9fde49b4f46d0524a5",{"version":557,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":558,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C 5c51aa862cbeed2f3887f0382a2708956710bd68","5c51aa862cbeed2f3887f0382a2708956710bd68",{"version":560,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":561,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C 6abf6b78c6fb112eee495f5636ffcc350dd2ce25","6abf6b78c6fb112eee495f5636ffcc350dd2ce25",{"version":563,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":564,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C 4f99357dadbf9c979ad737156ad4c37fadf7c56b","4f99357dadbf9c979ad737156ad4c37fadf7c56b",{"version":566,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":567,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C 0aff95d9bc7fb5400ca8af507429c4b067bdb425","0aff95d9bc7fb5400ca8af507429c4b067bdb425",{"version":569,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":570,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C 295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282","295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282",{"version":572,"is_range":548,"range_type":204,"version_start":549,"version_start_type":550,"version_end":573,"version_end_type":552,"fixed_in":9},">= 0aa666190509ffab81c202c5095a166be23961ac, \u003C 734aa85390ea693bb7eaf2240623d41b03705c84","734aa85390ea693bb7eaf2240623d41b03705c84",{"version":575,"is_range":192,"range_type":204,"version_start":575,"version_start_type":550,"version_end":575,"version_end_type":550,"fixed_in":9},"2.6.29",{"ecosystem":9,"name":577,"vendor":543,"product":578,"cpe_part":536,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":579},"linux kernel","linux_kernel",[580,583,587,591,595,599,603],{"version":581,"is_range":548,"range_type":540,"version_start":575,"version_start_type":550,"version_end":582,"version_end_type":552,"fixed_in":9},"gte2.6.29_lt5.4.295","5.4.295",{"version":584,"is_range":548,"range_type":540,"version_start":585,"version_start_type":550,"version_end":586,"version_end_type":552,"fixed_in":9},"gte5.5_lt5.10.239","5.5","5.10.239",{"version":588,"is_range":548,"range_type":540,"version_start":589,"version_start_type":550,"version_end":590,"version_end_type":552,"fixed_in":9},"gte5.11_lt5.15.186","5.11","5.15.186",{"version":592,"is_range":548,"range_type":540,"version_start":593,"version_start_type":550,"version_end":594,"version_end_type":552,"fixed_in":9},"gte5.16_lt6.1.142","5.16","6.1.142",{"version":596,"is_range":548,"range_type":540,"version_start":597,"version_start_type":550,"version_end":598,"version_end_type":552,"fixed_in":9},"gte6.2_lt6.6.94","6.2","6.6.94",{"version":600,"is_range":548,"range_type":540,"version_start":601,"version_start_type":550,"version_end":602,"version_end_type":552,"fixed_in":9},"gte6.7_lt6.12.34","6.7","6.12.34",{"version":604,"is_range":548,"range_type":540,"version_start":605,"version_start_type":550,"version_end":606,"version_end_type":552,"fixed_in":9},"gte6.13_lt6.15.3","6.13","6.15.3"]