CVE-2025-38425

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the i2c subsystem, specifically in the tegra driver related to SMBUS block read operations. The vulnerability occurs when processing message lengths during SMBUS block reads. The system does not properly validate the message length received from the device, potentially allowing reads to proceed with invalid lengths (0 or exceeding the maximum allowed bytes).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

BDU:2025-10954

CVE-2025-38425

DLA-4328-1

DSA-5973-1

ECHO-C4E3-EF41-F083

MGASA-2025-0218

MGASA-2025-0219

OPENSUSE-SU-2025:20081-1

RHSA-2025:11428

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:02996-1

SUSE-SU-2025:02997-1

SUSE-SU-2025:03011-1

SUSE-SU-2025:03023-1

SUSE-SU-2025:20577-1

SUSE-SU-2025:20586-1

SUSE-SU-2025:20601-1

SUSE-SU-2025:20602-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025_02853-1

SUSE-SU-2025_02969-1

SUSE-SU-2025_02996-1

SUSE-SU-2025_02997-1

SUSE-SU-2025_03011-1

SUSE-SU-2025_03023-1

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

USN-7864-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

Tegra Driver

CVE-2025-38425

Weakness Enumeration

Related Identifiers

Affected Products

References · 3204