-
CVE-2025-38239
- EPSS 0.03%
- Veröffentlicht 09.07.2025 10:42:24
- Zuletzt bearbeitet 10.07.2025 13:17:30
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix invalid node index On a system with DRAM interleave enabled, out-of-bound access is detected: megaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0 ------------[ cut here ]------------ UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 index -1 is out of range for type 'cpumask *[1024]' dump_stack_lvl+0x5d/0x80 ubsan_epilogue+0x5/0x2b __ubsan_handle_out_of_bounds.cold+0x46/0x4b megasas_alloc_irq_vectors+0x149/0x190 [megaraid_sas] megasas_probe_one.cold+0xa4d/0x189c [megaraid_sas] local_pci_probe+0x42/0x90 pci_device_probe+0xdc/0x290 really_probe+0xdb/0x340 __driver_probe_device+0x78/0x110 driver_probe_device+0x1f/0xa0 __driver_attach+0xba/0x1c0 bus_for_each_dev+0x8b/0xe0 bus_add_driver+0x142/0x220 driver_register+0x72/0xd0 megasas_init+0xdf/0xff0 [megaraid_sas] do_one_initcall+0x57/0x310 do_init_module+0x90/0x250 init_module_from_file+0x85/0xc0 idempotent_init_module+0x114/0x310 __x64_sys_finit_module+0x65/0xc0 do_syscall_64+0x82/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix it accordingly.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
f1064b3532192e987ab17be7281d5fee36fd25e1
Version
8049da6f3943d0ac51931b8064b2e4769a69a967
Status
affected
Version <
bf2c1643abc3b2507d56bb6c22bf9897272f8a35
Version
8049da6f3943d0ac51931b8064b2e4769a69a967
Status
affected
Version <
19a47c966deb36624843b7301f0373a3dc541a05
Version
8049da6f3943d0ac51931b8064b2e4769a69a967
Status
affected
Version <
074efb35552556a4b3b25eedab076d5dc24a8199
Version
8049da6f3943d0ac51931b8064b2e4769a69a967
Status
affected
Version <
752eb816b55adb0673727ba0ed96609a17895654
Version
8049da6f3943d0ac51931b8064b2e4769a69a967
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.17
Status
affected
Version <
5.17
Version
0
Status
unaffected
Version <=
6.1.*
Version
6.1.143
Status
unaffected
Version <=
6.6.*
Version
6.6.96
Status
unaffected
Version <=
6.12.*
Version
6.12.36
Status
unaffected
Version <=
6.15.*
Version
6.15.5
Status
unaffected
Version <=
*
Version
6.16
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.059 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|