5.5

CVE-2025-38408

genirq/irq_sim: Initialize work context pointers properly

In the Linux kernel, the following vulnerability has been resolved:

genirq/irq_sim: Initialize work context pointers properly

Initialize `ops` member's pointers properly by using kzalloc() instead of
kmalloc() when allocating the simulation work context. Otherwise the
pointers contain random content leading to invalid dereferencing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.8 < 6.12.37
LinuxLinux Kernel Version >= 6.13 < 6.15.6
LinuxLinux Kernel Version6.16 Updaterc1
LinuxLinux Kernel Version6.16 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.053
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/19bd7597858dd15802c1d99fcc38e528f469080a
Patch
https://git.kernel.org/stable/c/7f73d1def72532bac4d55ea8838f457a6bed955c
Patch
https://git.kernel.org/stable/c/8a2277a3c9e4cc5398f80821afe7ecbe9bdf2819
Patch
https://git.kernel.org/stable/c/ec3656a8cb428d763def32bc2fa695f94be23629
Patch
https://git.kernel.org/stable/c/186df821de0f34490ed5fc0861243748b2483861
Patch
https://git.kernel.org/stable/c/c71aa4bb528ae6f8fd7577a0a39e5a03c60b04fb
Patch