-

CVE-2025-38386

EPSS 0.04%
Veröffentlicht 25.07.2025 13:15:27
Zuletzt bearbeitet 25.07.2025 15:29:19
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

ACPICA: Refuse to evaluate a method if arguments are missing

As reported in [1], a platform firmware update that increased the number
of method parameters and forgot to update a least one of its callers,
caused ACPICA to crash due to use-after-free.

Since this a result of a clear AML issue that arguably cannot be fixed
up by the interpreter (it cannot produce missing data out of thin air),
address it by making ACPICA refuse to evaluate a method if the caller
attempts to pass fewer arguments than expected to it.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < b49d224d1830c46e20adce2a239c454cdab426f1

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 2219e49857ffd6aea1b1ca5214d3270f84623a16

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < ab1e8491c19eb2ea0fda81ef28e841c7cb6399f5

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 4305d936abde795c2ef6ba916de8f00a50f64d2d

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d547779e72cea9865b732cd45393c4cd02b3598e

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 18ff4ed6a33a7e3f2097710eacc96bea7696e803

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < c9e4da550ae196132b990bd77ed3d8f2d9747f87

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 6fcab2791543924d438e7fa49276d0998b0a069f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 5.4.*

Version 5.4.296

Status unaffected

Version <= 5.10.*

Version 5.10.240

Status unaffected

Version <= 5.15.*

Version 5.15.187

Status unaffected

Version <= 6.1.*

Version 6.1.144

Status unaffected

Version <= 6.6.*

Version 6.6.97

Status unaffected

Version <= 6.12.*

Version 6.12.37

Status unaffected

Version <= 6.15.*

Version 6.15.6

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/18ff4ed6a33a7e3f2097710eacc96bea7696e803

https://git.kernel.org/stable/c/2219e49857ffd6aea1b1ca5214d3270f84623a16

https://git.kernel.org/stable/c/4305d936abde795c2ef6ba916de8f00a50f64d2d

https://git.kernel.org/stable/c/6fcab2791543924d438e7fa49276d0998b0a069f

https://git.kernel.org/stable/c/ab1e8491c19eb2ea0fda81ef28e841c7cb6399f5

https://git.kernel.org/stable/c/b49d224d1830c46e20adce2a239c454cdab426f1

https://git.kernel.org/stable/c/c9e4da550ae196132b990bd77ed3d8f2d9747f87

https://git.kernel.org/stable/c/d547779e72cea9865b732cd45393c4cd02b3598e

https://nvd.nist.gov/vuln/detail/CVE-2025-38386

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38386

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38386

EUVD