-

CVE-2025-38342

EPSS 0.04%
Veröffentlicht 10.07.2025 08:15:11
Zuletzt bearbeitet 10.07.2025 13:17:30
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

software node: Correct a OOB check in software_node_get_reference_args()

software_node_get_reference_args() wants to get @index-th element, so
the property value requires at least '(index + 1) * sizeof(*ref)' bytes
but that can not be guaranteed by current OOB check, and may cause OOB
for malformed property.

Fix by using as OOB check '((index + 1) * sizeof(*ref) > prop->length)'.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 142acd739eb6f08c148a96ae8309256f1422ff4b

Version 59abd83672f70cac4b6bf9b237506c5bc6837606

Status affected

Version < 56ce76e8d406cc72b89aee7931df5cf3f18db49d

Version 59abd83672f70cac4b6bf9b237506c5bc6837606

Status affected

Version < 9324127b07dde8529222dc19233aa57ec810856c

Version 59abd83672f70cac4b6bf9b237506c5bc6837606

Status affected

Version < f9397cf7bfb680799fb8c7f717c8f756384c3280

Version 59abd83672f70cac4b6bf9b237506c5bc6837606

Status affected

Version < 4b3383110b6df48e0ba5936af2cb68d5eb6bd43b

Version 59abd83672f70cac4b6bf9b237506c5bc6837606

Status affected

Version < 7af18e42bdefe1dba5bcb32555a4d524fd504939

Version 59abd83672f70cac4b6bf9b237506c5bc6837606

Status affected

Version < 31e4e12e0e9609850cefd4b2e1adf782f56337d6

Version 59abd83672f70cac4b6bf9b237506c5bc6837606

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.0

Status affected

Version < 5.0

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.239

Status unaffected

Version <= 5.15.*

Version 5.15.186

Status unaffected

Version <= 6.1.*

Version 6.1.142

Status unaffected

Version <= 6.6.*

Version 6.6.95

Status unaffected

Version <= 6.12.*

Version 6.12.35

Status unaffected

Version <= 6.15.*

Version 6.15.4

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.098

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/142acd739eb6f08c148a96ae8309256f1422ff4b

https://git.kernel.org/stable/c/56ce76e8d406cc72b89aee7931df5cf3f18db49d

https://git.kernel.org/stable/c/9324127b07dde8529222dc19233aa57ec810856c

https://git.kernel.org/stable/c/f9397cf7bfb680799fb8c7f717c8f756384c3280

https://git.kernel.org/stable/c/4b3383110b6df48e0ba5936af2cb68d5eb6bd43b

https://git.kernel.org/stable/c/7af18e42bdefe1dba5bcb32555a4d524fd504939

https://git.kernel.org/stable/c/31e4e12e0e9609850cefd4b2e1adf782f56337d6

https://nvd.nist.gov/vuln/detail/CVE-2025-38342

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38342

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38342

EUVD