PT-2025-27420 · Linux+6 · Linux Kernel+6

Published

2025-06-07

·

Updated

2026-05-26

·

CVE-2025-38090

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A heap overwrite issue has been identified in the Linux kernel, specifically in the drivers/rapidio/rio cm.c file. The problem arises from the riocm ch send() function not checking if sufficient data was sent by userspace, potentially allowing writes to fields outside the allocated space in the rio ch chan hdr. This issue is related to the riocm cdev ioctl(RIO CM CHAN SEND) and cm chan msg send() functions.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Weakness Enumeration

CWE-770

Related Identifiers

AZL-64401
BDU:2025-14095
CVE-2025-38090
DLA-4327-1
DLA-4328-1
DSA-5973-1
ECHO-0066-DD81-6847
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1823
OESA-2025-1824
OESA-2025-1870
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7774-1
USN-7774-2
USN-7774-3
USN-7774-4
USN-7774-5
USN-7775-1
USN-7775-2
USN-7775-3
USN-7776-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7856-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu