CVE-2025-38298

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A general protection fault may occur in the Linux kernel when loading and unloading the i10nm edac module, which automatically loads skx edac common. This issue arises because the adxl component count variable within skx edac common, responsible for tracking ADXL components, is not reset during module unloading and reloading. This leads to a doubled count of ADXL components, resulting in an out-of-bounds reference to the ADXL component array and a subsequent general protection fault. The fault is triggered during error injection testing after reloading the module.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-125

Related Identifiers

BDU:2025-13454

CVE-2025-38298

DLA-4327-1

DLA-4328-1

DSA-5973-1

ECHO-AE96-0234-B08F

MGASA-2025-0218

MGASA-2025-0219

OESA-2025-1876

OESA-2025-1877

OESA-2025-1878

OESA-2025-1879

OESA-2025-1880

OPENSUSE-SU-2026:20287-1

SUSE-SU-2026:20555-1

SUSE-SU-2026:20599-1

SUSE-SU-2026:20615-1

USN-7769-1

USN-7769-2

USN-7769-3

USN-7770-1

USN-7771-1

USN-7774-1

USN-7774-2

USN-7774-3

USN-7774-4

USN-7774-5

USN-7775-1

USN-7775-2

USN-7775-3

USN-7776-1

USN-7789-1

USN-7789-2

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Ubuntu

I10Nm Edac

Skx Edac Common

CVE-2025-38298

Weakness Enumeration

Related Identifiers

Affected Products

References · 1882