-

CVE-2025-38391

EPSS 0.04%
Veröffentlicht 25.07.2025 13:15:28
Zuletzt bearbeitet 25.07.2025 15:29:19
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: altmodes/displayport: do not index invalid pin_assignments

A poorly implemented DisplayPort Alt Mode port partner can indicate
that its pin assignment capabilities are greater than the maximum
value, DP_PIN_ASSIGN_F. In this case, calls to pin_assignment_show
will cause a BRK exception due to an out of bounds array access.

Prevent for loop in pin_assignment_show from accessing
invalid values in pin_assignments by adding DP_PIN_ASSIGN_MAX
value in typec_dp.h and using i < DP_PIN_ASSIGN_MAX as a loop
condition.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < c93bc959788ed9a1af7df57cb539837bdf790cee

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 114a977e0f6bf278e05eade055e13fc271f69cf7

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 621d5a3ef0231ab242f2d31eecec40c38ca609c5

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 2f535517b5611b7221ed478527e4b58e29536ddf

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 45e9444b3b97eaf51a5024f1fea92f44f39b50c6

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 5581e694d3a1c2f32c5a51d745c55b107644e1f8

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < 47cb5d26f61d80c805d7de4106451153779297a1

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

Version < af4db5a35a4ef7a68046883bfd12468007db38f1

Version 0e3bb7d6894d9b6e67d6382bb03a46a1dc989588

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.19

Status affected

Version < 4.19

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.296

Status unaffected

Version <= 5.10.*

Version 5.10.240

Status unaffected

Version <= 5.15.*

Version 5.15.187

Status unaffected

Version <= 6.1.*

Version 6.1.144

Status unaffected

Version <= 6.6.*

Version 6.6.97

Status unaffected

Version <= 6.12.*

Version 6.12.37

Status unaffected

Version <= 6.15.*

Version 6.15.6

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/114a977e0f6bf278e05eade055e13fc271f69cf7

https://git.kernel.org/stable/c/2f535517b5611b7221ed478527e4b58e29536ddf

https://git.kernel.org/stable/c/45e9444b3b97eaf51a5024f1fea92f44f39b50c6

https://git.kernel.org/stable/c/47cb5d26f61d80c805d7de4106451153779297a1

https://git.kernel.org/stable/c/5581e694d3a1c2f32c5a51d745c55b107644e1f8

https://git.kernel.org/stable/c/621d5a3ef0231ab242f2d31eecec40c38ca609c5

https://git.kernel.org/stable/c/af4db5a35a4ef7a68046883bfd12468007db38f1

https://git.kernel.org/stable/c/c93bc959788ed9a1af7df57cb539837bdf790cee

https://nvd.nist.gov/vuln/detail/CVE-2025-38391

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38391

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38391

EUVD