CVE-2025-38077
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()
If the 'buf' array received from the user contains an empty string, the 'length' variable will be zero. Accessing the 'buf' array element with index 'length - 1' will result in a buffer overflow.
Add a check for an empty string.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | e8a60aa7404bfef37705da5607c97737073ac38d < fb7cde625872709b8cedad9b241e0ec3d82fa7d3 | affected |
| Linux | Linux | e8a60aa7404bfef37705da5607c97737073ac38d < 60bd13f8c4b3de2c910ae1cdbef85b9bbc9685f5 | affected |
| Linux | Linux | e8a60aa7404bfef37705da5607c97737073ac38d < f86465626917df3b8bdd2756ec0cc9d179c5af0f | affected |
| Linux | Linux | e8a60aa7404bfef37705da5607c97737073ac38d < 8594a123cfa23d708582dc6fb36da34479ef8a5b | affected |
| Linux | Linux | e8a60aa7404bfef37705da5607c97737073ac38d < 97066373ffd55bd9af0b512ff3dd1f647620a3dc | affected |
| Linux | Linux | e8a60aa7404bfef37705da5607c97737073ac38d < 4e89a4077490f52cde652d17e32519b666abf3a6 | affected |
| Linux | Linux | 5.11 | affected |
| Linux | Linux | 0 < 5.11 | unaffected |
| Linux | Linux | 5.15.185 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.141 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.93 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.31 <= 6.12.* | unaffected |
| Linux | Linux | 6.14.9 <= 6.14.* | unaffected |
| Linux | Linux | 6.15 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/fb7cde625872709b8cedad9b241e0ec3d82fa7d3
- https://git.kernel.org/stable/c/60bd13f8c4b3de2c910ae1cdbef85b9bbc9685f5
- https://git.kernel.org/stable/c/f86465626917df3b8bdd2756ec0cc9d179c5af0f
- https://git.kernel.org/stable/c/8594a123cfa23d708582dc6fb36da34479ef8a5b
- https://git.kernel.org/stable/c/97066373ffd55bd9af0b512ff3dd1f647620a3dc
- https://git.kernel.org/stable/c/4e89a4077490f52cde652d17e32519b666abf3a6
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.