CVE-2025-38533

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: libwx: fix the using of Rx buffer DMA

The wx_rx_buffer structure contained two DMA address fields: 'dma' and 'page_dma'. However, only 'page_dma' was actually initialized and used to program the Rx descriptor. But 'dma' was uninitialized and used in some paths.

This could lead to undefined behavior, including DMA errors or use-after-free, if the uninitialized 'dma' was used. Althrough such error has not yet occurred, it is worth fixing in the code.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < 027701180a7bcb64c42eab291133ef0c87b5b6c5affected
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < ba7c793f96c1c2b944bb6f423d7243f3afc30fe9affected
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < 05c37b574997892a40a0e9b9b88a481566b2367daffected
LinuxLinux3c47e8ae113a68da47987750d9896e325d0aeedd < 5fd77cc6bd9b368431a815a780e407b7781bcca0affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.6.100 <= 6.6.*unaffected
LinuxLinux6.12.40 <= 6.12.*unaffected
LinuxLinux6.15.8 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References