-

CVE-2025-38401

EPSS 0.04%
Veröffentlicht 25.07.2025 13:15:29
Zuletzt bearbeitet 25.07.2025 15:29:19
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

mtk-sd: Prevent memory corruption from DMA map failure

If msdc_prepare_data() fails to map the DMA region, the request is
not prepared for data receiving, but msdc_start_data() proceeds
the DMA with previous setting.
Since this will lead a memory corruption, we have to stop the
request operation soon after the msdc_prepare_data() fails to
prepare it.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5ac9e9e2e9cd6247d8c2d99780eae4556049e1cc

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

Version < d54771571f74a82c59830a32e76af78a8e57ac69

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

Version < 48bf4f3dfcdab02b22581d8e350a2d23130b72c0

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

Version < 63e8953f16acdcb23e2d4dd8a566d3c34df3e200

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

Version < 61cdd663564674ea21ceb50aa9d3697cbe9e45f9

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

Version < 3419bc6a7b65cbbb91417bb9970208478e034c79

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

Version < a5f5f67b284d81776d4a3eb1f8607e4b7f91f11c

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

Version < f5de469990f19569627ea0dd56536ff5a13beaa3

Version 208489032bdd8d4a7de50f3057c175058f271956

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.2

Status affected

Version < 4.2

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.296

Status unaffected

Version <= 5.10.*

Version 5.10.240

Status unaffected

Version <= 5.15.*

Version 5.15.187

Status unaffected

Version <= 6.1.*

Version 6.1.144

Status unaffected

Version <= 6.6.*

Version 6.6.97

Status unaffected

Version <= 6.12.*

Version 6.12.37

Status unaffected

Version <= 6.15.*

Version 6.15.6

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/3419bc6a7b65cbbb91417bb9970208478e034c79

https://git.kernel.org/stable/c/48bf4f3dfcdab02b22581d8e350a2d23130b72c0

https://git.kernel.org/stable/c/5ac9e9e2e9cd6247d8c2d99780eae4556049e1cc

https://git.kernel.org/stable/c/61cdd663564674ea21ceb50aa9d3697cbe9e45f9

https://git.kernel.org/stable/c/63e8953f16acdcb23e2d4dd8a566d3c34df3e200

https://git.kernel.org/stable/c/a5f5f67b284d81776d4a3eb1f8607e4b7f91f11c

https://git.kernel.org/stable/c/d54771571f74a82c59830a32e76af78a8e57ac69

https://git.kernel.org/stable/c/f5de469990f19569627ea0dd56536ff5a13beaa3

https://nvd.nist.gov/vuln/detail/CVE-2025-38401

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38401

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38401

EUVD