Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-38332
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-10 Jul, 2025 | 08:15
Updated At-02 Jan, 2026 | 15:30
Rejected At-
▼CVE Numbering Authority (CNA)
scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version The strlcat() with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset() with 0 followed by a strlcat(), just use memcpy() and ensure that the resulting buffer is NULL terminated. BIOSVersion is only used for the lpfc_printf_log() which expects a properly terminated string.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/scsi/lpfc/lpfc_sli.c
Default Status
unaffected
Versions
Affected
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before ac7bfaa099ec3e4d7dfd0ab9726fc3bc7911365d (git)
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before b699bda5db818b684ff62d140defd6394f38f3d6 (git)
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before d34f2384d6df11a6c67039b612c2437f46e587e8 (git)
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before 75ea8375c5a83f46c47bfb3de6217c7589a8df93 (git)
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before 34c0a670556b24d36c9f8934227edb819ca5609e (git)
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before 2f63bf0d2b146956a2f2ff3b25cee71019e64561 (git)
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before 003baa7a1a152576d744bd655820449bbdb0248e (git)
  • From b3b4f3e1d575fe142fd437158425c2359b695ff1 before ae82eaf4aeea060bb736c3e20c0568b67c701d7d (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/scsi/lpfc/lpfc_sli.c
Default Status
affected
Versions
Affected
  • 5.2
Unaffected
  • From 0 before 5.2 (semver)
  • From 5.4.295 through 5.4.* (semver)
  • From 5.10.239 through 5.10.* (semver)
  • From 5.15.186 through 5.15.* (semver)
  • From 6.1.142 through 6.1.* (semver)
  • From 6.6.95 through 6.6.* (semver)
  • From 6.12.35 through 6.12.* (semver)
  • From 6.15.4 through 6.15.* (semver)
  • From 6.16 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/ac7bfaa099ec3e4d7dfd0ab9726fc3bc7911365d
N/A
https://git.kernel.org/stable/c/b699bda5db818b684ff62d140defd6394f38f3d6
N/A
https://git.kernel.org/stable/c/d34f2384d6df11a6c67039b612c2437f46e587e8
N/A
https://git.kernel.org/stable/c/75ea8375c5a83f46c47bfb3de6217c7589a8df93
N/A
https://git.kernel.org/stable/c/34c0a670556b24d36c9f8934227edb819ca5609e
N/A
https://git.kernel.org/stable/c/2f63bf0d2b146956a2f2ff3b25cee71019e64561
N/A
https://git.kernel.org/stable/c/003baa7a1a152576d744bd655820449bbdb0248e
N/A
https://git.kernel.org/stable/c/ae82eaf4aeea060bb736c3e20c0568b67c701d7d
N/A
Hyperlink: https://git.kernel.org/stable/c/ac7bfaa099ec3e4d7dfd0ab9726fc3bc7911365d
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/b699bda5db818b684ff62d140defd6394f38f3d6
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/d34f2384d6df11a6c67039b612c2437f46e587e8
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/75ea8375c5a83f46c47bfb3de6217c7589a8df93
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/34c0a670556b24d36c9f8934227edb819ca5609e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/2f63bf0d2b146956a2f2ff3b25cee71019e64561
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/003baa7a1a152576d744bd655820449bbdb0248e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/ae82eaf4aeea060bb736c3e20c0568b67c701d7d
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
N/A
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Resource: N/A
Details not found