5.5
CVE-2025-38072
- EPSS 0.17%
- Veröffentlicht 18.06.2025 09:33:48
- Zuletzt bearbeitet 17.12.2025 18:54:13
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
libnvdimm/labels: Fix divide error in nd_label_data_init()
In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in nd_label_data_init() If a faulty CXL memory device returns a broken zero LSA size in its memory device information (Identify Memory Device (Opcode 4000h), CXL spec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm driver: Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm] Code and flow: 1) CXL Command 4000h returns LSA size = 0 2) config_size is assigned to zero LSA size (CXL pmem driver): drivers/cxl/pmem.c: .config_size = mds->lsa_size, 3) max_xfer is set to zero (nvdimm driver): drivers/nvdimm/label.c: max_xfer = min_t(size_t, ndd->nsarea.max_xfer, config_size); 4) A subsequent DIV_ROUND_UP() causes a division by zero: drivers/nvdimm/label.c: /* Make our initial read size a multiple of max_xfer size */ drivers/nvdimm/label.c: read_size = min(DIV_ROUND_UP(read_size, max_xfer) * max_xfer, drivers/nvdimm/label.c- config_size); Fix this by checking the config size parameter by extending an existing check.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.4.294
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.238
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.185
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.141
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.93
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.31
Linux ≫ Linux Kernel Version >= 6.13 < 6.14.9
Debian ≫ Debian Linux Version11.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.066 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
https://git.kernel.org/stable/c/2bd4a938d2eda96ab7288b8fa5aae84a1de8c4ca
https://git.kernel.org/stable/c/396c46d3f59a18ebcc500640e749f16e197d472b
https://git.kernel.org/stable/c/f49c337037df029440a8390380dd35d2cf5924d3
https://git.kernel.org/stable/c/db1aef51b8e66a77f76b1250b914589c31a0a0ed
https://git.kernel.org/stable/c/ea3d95e05e97ea20fd6513f647393add16fce3b2
https://git.kernel.org/stable/c/1d1e1efad1cf049e888bf175a5c6be85d792620c
https://git.kernel.org/stable/c/e14347f647ca6d76fe1509b6703e340f2d5e2716
https://git.kernel.org/stable/c/ef1d3455bbc1922f94a91ed58d3d7db440652959
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html