-

CVE-2025-38715

EPSS 0.05%
Veröffentlicht 04.09.2025 15:33:09
Zuletzt bearbeitet 05.09.2025 17:47:24
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

hfs: fix slab-out-of-bounds in hfs_bnode_read()

This patch introduces is_bnode_offset_valid() method that checks
the requested offset value. Also, it introduces
check_and_correct_requested_length() method that checks and
correct the requested length (if it is necessary). These methods
are used in hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(),
hfs_bnode_copy(), and hfs_bnode_move() with the goal to prevent
the access out of allocated memory and triggering the crash.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < e7d2dc2421e821e4045775e6dc226378328de6f6

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 67ecc81f6492275c9c54280532f558483c99c90e

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < a1a60e79502279f996e55052f50cc14919020475

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < fe2891a9c43ab87d1a210d61e6438ca6936e2f62

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 384a66b89f9540a9a8cb0f48807697dfabaece4c

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < efc095b35b23297e419c2ab4fc1ed1a8f0781a29

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < fc7f732984ec91f30be3e574e0644066d07f2b78

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < eec522fd0d28106b14a59ab2d658605febe4a3bb

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < a431930c9bac518bf99d6b1da526a7f37ddee8d8

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.149

Status unaffected

Version <= 6.6.*

Version 6.6.103

Status unaffected

Version <= 6.12.*

Version 6.12.43

Status unaffected

Version <= 6.15.*

Version 6.15.11

Status unaffected

Version <= 6.16.*

Version 6.16.2

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.143

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/e7d2dc2421e821e4045775e6dc226378328de6f6

https://git.kernel.org/stable/c/67ecc81f6492275c9c54280532f558483c99c90e

https://git.kernel.org/stable/c/a1a60e79502279f996e55052f50cc14919020475

https://git.kernel.org/stable/c/fe2891a9c43ab87d1a210d61e6438ca6936e2f62

https://git.kernel.org/stable/c/384a66b89f9540a9a8cb0f48807697dfabaece4c

https://git.kernel.org/stable/c/efc095b35b23297e419c2ab4fc1ed1a8f0781a29

https://git.kernel.org/stable/c/fc7f732984ec91f30be3e574e0644066d07f2b78

https://git.kernel.org/stable/c/eec522fd0d28106b14a59ab2d658605febe4a3bb

https://git.kernel.org/stable/c/a431930c9bac518bf99d6b1da526a7f37ddee8d8

https://nvd.nist.gov/vuln/detail/CVE-2025-38715

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38715

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38715

EUVD