CVE-2025-38484

In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". But afterwards a string terminator is written to the buffer at offset count without boundary check. The zero termination is written OUT-OF-BOUND. Add a check that the given buffer is smaller then the buffer to prevent.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/01e941aa7f5175125df4ac5d3aab099961525602	Patch
https://git.kernel.org/stable/c/6eea9f7648ddb9e4903735a1f77cf196c957aa38	Patch
https://git.kernel.org/stable/c/da9374819eb3885636934c1006d450c3cb1a02ed	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc6::::::

History

19 Nov 2025, 17:37

Type	Values Removed	Values Added
First Time		Linux Linux linux Kernel
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		CWE-787
CPE		cpe:2.3:o:linux:linux_kernel:6.16:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.16:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.16:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.16:rc3:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.16:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.16:rc4::::::
References	~~() https://git.kernel.org/stable/c/01e941aa7f5175125df4ac5d3aab099961525602 -~~	() https://git.kernel.org/stable/c/01e941aa7f5175125df4ac5d3aab099961525602 - Patch
References	~~() https://git.kernel.org/stable/c/6eea9f7648ddb9e4903735a1f77cf196c957aa38 -~~	() https://git.kernel.org/stable/c/6eea9f7648ddb9e4903735a1f77cf196c957aa38 - Patch
References	~~() https://git.kernel.org/stable/c/da9374819eb3885636934c1006d450c3cb1a02ed -~~	() https://git.kernel.org/stable/c/da9374819eb3885636934c1006d450c3cb1a02ed - Patch

29 Jul 2025, 14:14

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: backend: corrección de escritura fuera de límite. El búfer está configurado a 80 caracteres. Si quien llama escribe más caracteres, count se trunca al espacio máximo disponible en "simple_write_to_buffer". Posteriormente, se escribe un terminador de cadena en el búfer en el desplazamiento count sin verificación de los límites. La terminación cero se escribe OUT-OF-BOUND. Para evitarlo, se debe añadir una verificación de que el búfer dado sea menor que el búfer.

28 Jul 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-28 12:15

Updated : 2025-11-19 17:37

NVD link : CVE-2025-38484

Mitre link : CVE-2025-38484

CVE.ORG link : CVE-2025-38484

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

7.8 /10