CVE-2025-38088

HIGH

Linux Kernel 5.13-6.15.2 - PowerPC PowerNV Memtrace mmap Out-of-bounds Read

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size.

References (7)

Core 7

Core References

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Patch

https://git.kernel.org/stable/c/81260c41b518b6f32c701425f1427562fa92f293

Patch

https://git.kernel.org/stable/c/620b77b23c41a6546e5548ffe2ea3ad71880dde4

Patch

https://git.kernel.org/stable/c/8635e325b85dfb9ddebdfaa6b5605d40d16cd147

Patch

https://git.kernel.org/stable/c/9c340b56d60545e4a159e41523dd8b23f81d3261

Patch

https://git.kernel.org/stable/c/bbd5a9ddb0f9750783a48a871c9e12c0b68c5f39

Patch

https://git.kernel.org/stable/c/cd097df4596f3a1e9d75eb8520162de1eb8485b2

Scores

CVSS v3 7.1

EPSS 0.0014

EPSS Percentile 3.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (22)

debian/debian_linux 11.0

linux/Kernel 5.13.0 - 5.15.186linux

linux/Kernel 5.16.0 - 6.1.142linux

linux/Kernel 6.13.0 - 6.15.3linux

linux/Kernel 6.2.0 - 6.6.94linux

linux/Kernel 6.7.0 - 6.12.34linux

Linux/Linux < 5.13

Linux/Linux 08a022ad3dfafc7e33d4529015e14bb75179cacc - 620b77b23c41a6546e5548ffe2ea3ad71880dde4

Linux/Linux 08a022ad3dfafc7e33d4529015e14bb75179cacc - 81260c41b518b6f32c701425f1427562fa92f293

Linux/Linux 08a022ad3dfafc7e33d4529015e14bb75179cacc - 8635e325b85dfb9ddebdfaa6b5605d40d16cd147

... and 12 more

Published Jun 30, 2025

Tracked Since Feb 18, 2026