PT-2025-30780 · Linux+7 · Linux Kernel+8

Published

2025-01-01

·

Updated

2026-05-26

·

CVE-2025-38380

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The i2c dw xfer init() function requires msgs and msg write idx from the device context to be initialized. A flaw exists because amd i2c dw xfer quirk() initializes msgs and msgs num, but not msg write idx. This can lead to an out-of-bounds access of msgs.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Initialization

Buffer Overflow

Weakness Enumeration

CWE-665CWE-119

Related Identifiers

ALSA-2025:13960
ALSA-2025:13962
ALSA-2025:14009
BDU:2025-09138
CESA-2025_13960
CESA-2025_16582
CVE-2025-38380
DSA-5973-1
ECHO-2050-4797-FFAA
INFSA-2025_13960
INFSA-2025_13962
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-1959
OESA-2025-1960
OESA-2025-1961
OPENSUSE-SU-2025:20081-1
RHSA-2025:13776
RHSA-2025:13960
RHSA-2025:13962
RHSA-2025:14003
RHSA-2025:14005
RHSA-2025:14009
RHSA-2025:14054
RHSA-2025:14082
RHSA-2025:14418
RHSA-2025_13960
RHSA-2025_13962
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3761-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1

Affected Products

Almalinux
Centos
Debian
Linux Kernel
Red Hat
Red Os
Suse
Amd I2C Dw Xfer Quirk
I2C Dw Xfer Init