CVE-2025-38408

Summary

In the Linux kernel, the following vulnerability has been resolved:

genirq/irq_sim: Initialize work context pointers properly

Initialize ops member's pointers properly by using kzalloc() instead of kmalloc() when allocating the simulation work context. Otherwise the pointers contain random content leading to invalid dereferencing.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux337cbeb2c13eb4cab84f576fd402d7ae4ed31ae1 < 186df821de0f34490ed5fc0861243748b2483861affected
LinuxLinux337cbeb2c13eb4cab84f576fd402d7ae4ed31ae1 < c71aa4bb528ae6f8fd7577a0a39e5a03c60b04fbaffected
LinuxLinux337cbeb2c13eb4cab84f576fd402d7ae4ed31ae1 < ec3656a8cb428d763def32bc2fa695f94be23629affected
LinuxLinux337cbeb2c13eb4cab84f576fd402d7ae4ed31ae1 < 19bd7597858dd15802c1d99fcc38e528f469080aaffected
LinuxLinux337cbeb2c13eb4cab84f576fd402d7ae4ed31ae1 < 7f73d1def72532bac4d55ea8838f457a6bed955caffected
LinuxLinux337cbeb2c13eb4cab84f576fd402d7ae4ed31ae1 < 8a2277a3c9e4cc5398f80821afe7ecbe9bdf2819affected
LinuxLinux5.8affected
LinuxLinux0 < 5.8unaffected
LinuxLinux5.15.199 <= 5.15.*unaffected
LinuxLinux6.1.162 <= 6.1.*unaffected
LinuxLinux6.6.120 <= 6.6.*unaffected
LinuxLinux6.12.37 <= 6.12.*unaffected
LinuxLinux6.15.6 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References