CVE-2025-38088

Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size.

CVSS Metrics

• v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Trends

Current EPSS score: 0.07%• Percentile: 22%

Techniques & Countermeasures

• CWE-125•Out-of-bounds Read

  The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

• debian•debian_linux

  11.0

• linux•linux

  ≥ 08a022ad3dfafc7e33d4529015e14bb75179cacc, < 81260c41b518b6f32c701425f1427562fa92f293 | ≥ 08a022ad3dfafc7e33d4529015e14bb75179cacc, < 620b77b23c41a6546e5548ffe2ea3ad71880dde4 | ≥ 08a022ad3dfafc7e33d4529015e14bb75179cacc, < 8635e325b85dfb9ddebdfaa6b5605d40d16cd147 | ≥ 08a022ad3dfafc7e33d4529015e14bb75179cacc, < 9c340b56d60545e4a159e41523dd8b23f81d3261 | ≥ 08a022ad3dfafc7e33d4529015e14bb75179cacc, < bbd5a9ddb0f9750783a48a871c9e12c0b68c5f39 | ≥ 08a022ad3dfafc7e33d4529015e14bb75179cacc, < cd097df4596f3a1e9d75eb8520162de1eb8485b2 | 5.13

• linux•linux_kernel

  ≥ 5.13, < 5.15.186 | ≥ 5.16, < 6.1.142 | ≥ 6.2, < 6.6.94 | ≥ 6.7, < 6.12.34 | ≥ 6.13, < 6.15.3 | 6.16:rc1

References (7)

• https://git.kernel.org/stable/c/81260c41b518b6f32c701425f1427562fa92f293
• https://git.kernel.org/stable/c/620b77b23c41a6546e5548ffe2ea3ad71880dde4
• https://git.kernel.org/stable/c/8635e325b85dfb9ddebdfaa6b5605d40d16cd147
• https://git.kernel.org/stable/c/9c340b56d60545e4a159e41523dd8b23f81d3261
• https://git.kernel.org/stable/c/bbd5a9ddb0f9750783a48a871c9e12c0b68c5f39
• https://git.kernel.org/stable/c/cd097df4596f3a1e9d75eb8520162de1eb8485b2
• https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html