CVE-2025-38407

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 6.16.0-rc1

Description A flaw was discovered in the RISC-V architecture of the Linux kernel related to the handling of SBI (Standardized Boot Interface) and per-CPU data allocation when NUMA (Non-Uniform Memory Access) is enabled. Specifically, the pa() function was incorrectly used to obtain the physical address of sbi hart boot data in the sbi hsm hart start() function, leading to access of an invalid address and a system hang on newly started CPU cores. This issue was triggered when the per-CPU allocator used the vmalloc area. The fix involves allocating a static array for boot data within the kernel image.

Recommendations Update to Linux Kernel version 6.16.0-rc1 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-131

Related Identifiers

BDU:2025-13495

CVE-2025-38407

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Linux Kernel

Linuxmint

Ubuntu

CVE-2025-38407

Weakness Enumeration

Related Identifiers

Affected Products

References · 1295