CVE-2025-38082

Summary

In the Linux kernel, the following vulnerability has been resolved:

gpio: virtuser: fix potential out-of-bound write

If the caller wrote more characters, count is truncated to the max available space in "simple_write_to_buffer". Check that the input size does not exceed the buffer size. Write a zero termination afterwards.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux91581c4b3f29e2e22aeb1a62e842d529ca638b2d < afe090366f470f77e140ff3407db813f57852c04affected
LinuxLinux91581c4b3f29e2e22aeb1a62e842d529ca638b2d < b96feaaa0fda1e3871b438143c3446954b32d3a7affected
LinuxLinux91581c4b3f29e2e22aeb1a62e842d529ca638b2d < 7118be7c6072f40391923543fdd1563b8d56377caffected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.12.32 <= 6.12.*unaffected
LinuxLinux6.14.10 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References