Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-38425

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-25 Jul, 2025 | 14:16
Updated At-02 Jan, 2026 | 15:30
Rejected At-
Credits

i2c: tegra: check msg length in SMBUS block read

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:25 Jul, 2025 | 14:16
Updated At:02 Jan, 2026 | 15:30
Rejected At:
▼CVE Numbering Authority (CNA)
i2c: tegra: check msg length in SMBUS block read

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/i2c/busses/i2c-tegra.c
Default Status
unaffected
Versions
Affected
  • From d7583c8a57485da19feb6dd85573763a8c5ec1d1 before c39d1a9ae4ad66afcecab124d7789722bfe909fa (git)
  • From d7583c8a57485da19feb6dd85573763a8c5ec1d1 before be5f6a65509cd5675362f15eb0440fb28b0f9d64 (git)
  • From d7583c8a57485da19feb6dd85573763a8c5ec1d1 before 75a864f21ceeb8c1e8ce1b7589174fec2c3a039e (git)
  • From d7583c8a57485da19feb6dd85573763a8c5ec1d1 before 3f03f77ce688d02da284174e1884b6065d6159bd (git)
  • From d7583c8a57485da19feb6dd85573763a8c5ec1d1 before a6e04f05ce0b070ab39d5775580e65c7d943da0b (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/i2c/busses/i2c-tegra.c
Default Status
affected
Versions
Affected
  • 5.18
Unaffected
  • From 0 before 5.18 (semver)
  • From 6.1.142 through 6.1.* (semver)
  • From 6.6.95 through 6.6.* (semver)
  • From 6.12.35 through 6.12.* (semver)
  • From 6.15.4 through 6.15.* (semver)
  • From 6.16 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/c39d1a9ae4ad66afcecab124d7789722bfe909fa
N/A
https://git.kernel.org/stable/c/be5f6a65509cd5675362f15eb0440fb28b0f9d64
N/A
https://git.kernel.org/stable/c/75a864f21ceeb8c1e8ce1b7589174fec2c3a039e
N/A
https://git.kernel.org/stable/c/3f03f77ce688d02da284174e1884b6065d6159bd
N/A
https://git.kernel.org/stable/c/a6e04f05ce0b070ab39d5775580e65c7d943da0b
N/A
Hyperlink: https://git.kernel.org/stable/c/c39d1a9ae4ad66afcecab124d7789722bfe909fa
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/be5f6a65509cd5675362f15eb0440fb28b0f9d64
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/75a864f21ceeb8c1e8ce1b7589174fec2c3a039e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/3f03f77ce688d02da284174e1884b6065d6159bd
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a6e04f05ce0b070ab39d5775580e65c7d943da0b
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:25 Jul, 2025 | 15:15
Updated At:23 Dec, 2025 | 18:35

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions before 6.1.142(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.2(inclusive) to 6.6.95(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.7(inclusive) to 6.12.35(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.13(inclusive) to 6.15.4(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/3f03f77ce688d02da284174e1884b6065d6159bd416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/75a864f21ceeb8c1e8ce1b7589174fec2c3a039e416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/a6e04f05ce0b070ab39d5775580e65c7d943da0b416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/be5f6a65509cd5675362f15eb0440fb28b0f9d64416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/c39d1a9ae4ad66afcecab124d7789722bfe909fa416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Mailing List
Hyperlink: https://git.kernel.org/stable/c/3f03f77ce688d02da284174e1884b6065d6159bd
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/75a864f21ceeb8c1e8ce1b7589174fec2c3a039e
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/a6e04f05ce0b070ab39d5775580e65c7d943da0b
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/be5f6a65509cd5675362f15eb0440fb28b0f9d64
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/c39d1a9ae4ad66afcecab124d7789722bfe909fa
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Mailing List

Change History

0
Information is not available yet

Similar CVEs

2301Records found
CVE-2025-21855
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.21%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 09:42
Updated-03 Nov, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ibmvnic: Don't reference skb after sending to VIOS

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It is invalid to access the skb memory after sending the buffer to the VIOS because, at any point after sending, the VIOS can trigger an interrupt to free this memory. A race between reading skb->len and freeing the skb is possible (especially during LPM) and will result in use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic] Read of size 4 at addr c00000024eb48a70 by task hxecom/14495 <...> Call Trace: [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable) [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0 [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8 [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0 [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic] [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358 <...> Freed by task 0: kasan_save_stack+0x34/0x68 kasan_save_track+0x2c/0x50 kasan_save_free_info+0x64/0x108 __kasan_mempool_poison_object+0x148/0x2d4 napi_skb_cache_put+0x5c/0x194 net_tx_action+0x154/0x5b8 handle_softirqs+0x20c/0x60c do_softirq_own_stack+0x6c/0x88 <...> The buggy address belongs to the object at c00000024eb48a00 which belongs to the cache skbuff_head_cache of size 224 ==================================================================

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • ...
  • 45
  • 46
  • 47
  • Next
Details not found