PT-2025-25842 · Linux+6 · Linux Kernel+6
Published
2025-03-08
·
Updated
2026-05-26
·
CVE-2025-38068
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A compression buffer overrun issue has been identified in the Linux kernel's LZO compression code. Unlike the decompression code, the compression code did not check for output overruns, assuming the caller would always provide sufficient buffer space. This issue has been resolved by adding a safe compression interface that checks for the end of the buffer before each write.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Memory Corruption
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu