5.5
CVE-2025-38408
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 17.03.2026 13:42:15
- CVE-Watchlists
- Unerledigt
genirq/irq_sim: Initialize work context pointers properly
In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize `ops` member's pointers properly by using kzalloc() instead of kmalloc() when allocating the simulation work context. Otherwise the pointers contain random content leading to invalid dereferencing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.8 < 6.12.37
Linux ≫ Linux Kernel Version >= 6.13 < 6.15.6
Linux ≫ Linux Kernel Version6.16 Updaterc1
Linux ≫ Linux Kernel Version6.16 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.053 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/19bd7597858dd15802c1d99fcc38e528f469080a
https://git.kernel.org/stable/c/7f73d1def72532bac4d55ea8838f457a6bed955c
https://git.kernel.org/stable/c/8a2277a3c9e4cc5398f80821afe7ecbe9bdf2819
https://git.kernel.org/stable/c/ec3656a8cb428d763def32bc2fa695f94be23629
https://git.kernel.org/stable/c/186df821de0f34490ed5fc0861243748b2483861
https://git.kernel.org/stable/c/c71aa4bb528ae6f8fd7577a0a39e5a03c60b04fb