CVE-2025-38200
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
i40e: fix MMIO write access to an invalid page in i40e_clear_hw
When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page.
Prevent the integer underflow by changing the type of related variables.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < 872607632c658d3739e4e7889e4f3c419ae2c193 | affected |
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < 5e75c9082987479e647c75ec8fdf18fa68263c42 | affected |
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < fecb2fc3fc10c95724407cc45ea35af4a65cdde2 | affected |
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < d88a1e8f024ba26e19350958fecbf771a9960352 | affected |
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < 8cde755f56163281ec2c46b4ae8b61f532758a6f | affected |
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < 3502dd42f178dae9d54696013386bb52b4f2e655 | affected |
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < 2a1f4f2e36442a9bdf771acf6ee86f3cf876e5ca | affected |
| Linux | Linux | 1bff652941c4d94f97610c9a30473aad6f5b2fff < 015bac5daca978448f2671478c553ce1f300c21e | affected |
| Linux | Linux | 3.12 | affected |
| Linux | Linux | 0 < 3.12 | unaffected |
| Linux | Linux | 5.4.295 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.239 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.186 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.142 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.95 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.35 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.4 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/872607632c658d3739e4e7889e4f3c419ae2c193
- https://git.kernel.org/stable/c/5e75c9082987479e647c75ec8fdf18fa68263c42
- https://git.kernel.org/stable/c/fecb2fc3fc10c95724407cc45ea35af4a65cdde2
- https://git.kernel.org/stable/c/d88a1e8f024ba26e19350958fecbf771a9960352
- https://git.kernel.org/stable/c/8cde755f56163281ec2c46b4ae8b61f532758a6f
- https://git.kernel.org/stable/c/3502dd42f178dae9d54696013386bb52b4f2e655
- https://git.kernel.org/stable/c/2a1f4f2e36442a9bdf771acf6ee86f3cf876e5ca
- https://git.kernel.org/stable/c/015bac5daca978448f2671478c553ce1f300c21e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.