7.8
CVE-2025-38298
- EPSS 0.19%
- Veröffentlicht 10.07.2025 07:42:11
- Zuletzt bearbeitet 19.12.2025 17:51:03
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
EDAC/skx_common: Fix general protection fault
In the Linux kernel, the following vulnerability has been resolved:
EDAC/skx_common: Fix general protection fault
After loading i10nm_edac (which automatically loads skx_edac_common), if
unload only i10nm_edac, then reload it and perform error injection testing,
a general protection fault may occur:
mce: [Hardware Error]: Machine check events logged
Oops: general protection fault ...
...
Workqueue: events mce_gen_pool_process
RIP: 0010:string+0x53/0xe0
...
Call Trace:
<TASK>
? die_addr+0x37/0x90
? exc_general_protection+0x1e7/0x3f0
? asm_exc_general_protection+0x26/0x30
? string+0x53/0xe0
vsnprintf+0x23e/0x4c0
snprintf+0x4d/0x70
skx_adxl_decode+0x16a/0x330 [skx_edac_common]
skx_mce_check_error.part.0+0xf8/0x220 [skx_edac_common]
skx_mce_check_error+0x17/0x20 [skx_edac_common]
...
The issue arose was because the variable 'adxl_component_count' (inside
skx_edac_common), which counts the ADXL components, was not reset. During
the reloading of i10nm_edac, the count was incremented by the actual number
of ADXL components again, resulting in a count that was double the real
number of ADXL components. This led to an out-of-bounds reference to the
ADXL component array, causing the general protection fault above.
Fix this issue by resetting the 'adxl_component_count' in adxl_put(),
which is called during the unloading of {skx,i10nm}_edac.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.4.282 < 5.4.295
Linux ≫ Linux Kernel Version >= 5.10.224 < 5.10.239
Linux ≫ Linux Kernel Version >= 5.15.165 < 5.15.186
Linux ≫ Linux Kernel Version >= 6.1.103 < 6.1.142
Linux ≫ Linux Kernel Version >= 6.6.44 < 6.6.94
Linux ≫ Linux Kernel Version >= 6.10.3 < 6.12.34
Linux ≫ Linux Kernel Version >= 6.13 < 6.15.3
Debian ≫ Debian Linux Version11.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.087 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://git.kernel.org/stable/c/80bf28fd623d97dd4f4825fbbe9d736cec2afba3
https://git.kernel.org/stable/c/a6ed3a6edff09c1187cc6ade7f5967bca2376a13
https://git.kernel.org/stable/c/bf6a8502a5f4ff6e4d135d795945cdade49ec8b0
https://git.kernel.org/stable/c/e8530ed3c0769a4d8f79c212715ec1cf277787f8
https://git.kernel.org/stable/c/3f5d0659000923735350da60ad710f8c804544fe
https://git.kernel.org/stable/c/a13e8343ffcff27af1ff79597ff7ba241e6d9471
https://git.kernel.org/stable/c/31ef6f7c9aee3be78d63789653e92350f2537f93
https://git.kernel.org/stable/c/20d2d476b3ae18041be423671a8637ed5ffd6958
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html