CVE-2025-52568

NeKernal is a free and open-source operating system stack. Prior to version 0.0.3, there are several memory safety issues that can lead to memory corruption, disk image corruption, denial of service, and potential code execution. These issues stem from unchecked memory operations, unsafe typecasting, and improper input validation. This issue has been patched in version 0.0.3.

CVSS

No CVSS.

References

Link	Resource
https://github.com/nekernel-org/nekernel/commit/6506875ad0ab210b82a5c4ce227bf851508de17d
https://github.com/nekernel-org/nekernel/commit/6511afbf405c31513bc88ab06bca58218610a994
https://github.com/nekernel-org/nekernel/pull/35
https://github.com/nekernel-org/nekernel/pull/36
https://github.com/nekernel-org/nekernel/security/advisories/GHSA-cmp2-5f6g-mw34

Configurations

No configuration.

History

26 Jun 2025, 18:58

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-24 04:15

Updated : 2025-06-26 18:58

NVD link : CVE-2025-52568

Mitre link : CVE-2025-52568

CVE.ORG link : CVE-2025-52568

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2025-52568", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.8, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-24T04:15:49.693", "references": [{"url": "https://github.com/nekernel-org/nekernel/commit/6506875ad0ab210b82a5c4ce227bf851508de17d", "source": "security-advisories@github.com"}, {"url": "https://github.com/nekernel-org/nekernel/commit/6511afbf405c31513bc88ab06bca58218610a994", "source": "security-advisories@github.com"}, {"url": "https://github.com/nekernel-org/nekernel/pull/35", "source": "security-advisories@github.com"}, {"url": "https://github.com/nekernel-org/nekernel/pull/36", "source": "security-advisories@github.com"}, {"url": "https://github.com/nekernel-org/nekernel/security/advisories/GHSA-cmp2-5f6g-mw34", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "NeKernal is a free and open-source operating system stack. Prior to version 0.0.3, there are several memory safety issues that can lead to memory corruption, disk image corruption, denial of service, and potential code execution. These issues stem from unchecked memory operations, unsafe typecasting, and improper input validation. This issue has been patched in version 0.0.3."}, {"lang": "es", "value": "NeKernal es un sistema operativo gratuito y de c\u00f3digo abierto. Antes de la versi\u00f3n 0.0.3, exist\u00edan varios problemas de seguridad de memoria que pod\u00edan provocar corrupci\u00f3n de memoria, corrupci\u00f3n de im\u00e1genes de disco, denegaci\u00f3n de servicio y posible ejecuci\u00f3n de c\u00f3digo. Estos problemas se deben a operaciones de memoria sin control, conversi\u00f3n de tipos insegura y validaci\u00f3n de entrada incorrecta. Este problema se ha corregido en la versi\u00f3n 0.0.3."}], "lastModified": "2025-06-26T18:58:14.280", "sourceIdentifier": "security-advisories@github.com"}