7.1

CVE-2025-38081

EPSS 0.07%
Veröffentlicht 18.06.2025 09:33:54
Zuletzt bearbeitet 14.11.2025 20:23:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

spi-rockchip: Fix register out of bounds access

In the Linux kernel, the following vulnerability has been resolved:

spi-rockchip: Fix register out of bounds access

Do not write native chip select stuff for GPIO chip selects.
GPIOs can be numbered much higher than native CS.
Also, it makes no sense.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

NVD 3 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.14 < 6.6.93

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.31

Linux ≫ Linux Kernel Version >= 6.13 < 6.14.9

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.205

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/4a120221661fcecb253448d7b041a52d47f1d91f

Patch

https://git.kernel.org/stable/c/ace57bd1fb49d193edec5f6a1f255f48dd5fca90

Patch

https://git.kernel.org/stable/c/254e04ec799c1ff8c1e2bd08a57c6a849895d6ff

Patch

https://git.kernel.org/stable/c/7a874e8b54ea21094f7fd2d428b164394c6cb316

Patch

https://nvd.nist.gov/vuln/detail/CVE-2025-38081

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38081

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38081

EUVD