CVE-2025-38538Out-of-bounds Write in Linux

CWE-787Out-of-bounds WriteCWE-908Use of Uninitialized Resource36 documents8 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 94.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedAug 16
Latest updateMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe() The nbpf->chan[] array is allocated earlier in the nbpf_probe() function and it has "num_channels" elements. These three loops iterate one element farther than they should and corrupt memory. The changes to the second loop are more involved. In this case, we're copying data from the irqbuf[] array into the nbpf->chan[] array. If the data in irqbuf[i] is the error IRQ then w

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel3.175.4.297+7
Debianlinux/linux_kernel< 5.10.244-1+3
CVEListV5linux/linuxb45b262cefd5b8eb2ba88d20e5bd29588129389484fff8e6f11b9af1407e273995b5257d99ff0cff+8

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2025-38538: In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe() The nbpf->chan[] array is all2025-08-16
CVEList
dmaengine: nbpfaxi: Fix memory corruption in probe()2025-08-16
GHSA
GHSA-646r-2h84-3p3v: In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe() The nbpf->chan[] array is a2025-08-16

📋Vendor Advisories

32
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-25
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-04
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-03-04
Ubuntu
Linux kernel (Xilinx) vulnerabilities2026-02-24
Ubuntu
Linux kernel (IBM) vulnerabilities2026-02-24
CVE-2025-38538 — Out-of-bounds Write in Linux | cvebase