CVE-2025-38252

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The cxl cper handle prot err() function makes assumptions about the type and binding of devices identified in records, potentially leading to crashes. Specifically, the function incorrectly assumes endpoints are CXL-type-3 devices and bound to the cxl pci driver. The code has been corrected to verify that the PCIe endpoint parents a cxl memdev before assuming the driver data format, preparing the implementation for CXL accelerators not bound to cxl pci.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.