PT-2025-33783 · Intel+6 · Intel Cherry Trail+7

Published

2025-07-28

·

Updated

2026-04-20

·

CVE-2025-38585

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A stack buffer overflow exists in the gmin get var int() function when handling EFI variables larger than 64 bytes. The gmin get config var() function does not properly return error codes from efi.get variable(), leading to a misinterpretation of successful calls even when EFI BUFFER TOO SMALL is returned. This results in writing past the end of a 65-byte stack buffer in gmin get var int(). This issue affects camera sensor configuration on Intel Bay Trail and Cherry Trail platforms using the atomisp camera stack.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Memory Corruption

Weakness Enumeration

CWE-121CWE-787

Related Identifiers

AZL-66464
BDU:2026-01562
CVE-2025-38585
ECHO-4355-94BD-63F0
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03272-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03301-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20653-1
SUSE-SU-2025:20669-1
SUSE-SU-2025:20739-1
SUSE-SU-2025:20756-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_03272-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03301-1
SUSE-SU-2025_03382-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7934-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Intel Bay Trail
Intel Cherry Trail
Linuxmint
Linux Kernel
Suse
Ubuntu