PT-2025-35986 · Linux +1 · Linux Kernel +1
Published
2025-09-04
·
Updated
2025-09-04
·
CVE-2025-38713
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The Linux kernel contains a vulnerability in the `hfsplus readdir()` method, specifically within the `hfsplus uni2asc()` function. This can lead to a slab-out-of-bounds read, potentially causing a system crash. The issue occurs when calling `hfsplus uni2asc()`.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Related Identifiers
CVE-2025-38713
Affected Products
Debian
Linux Kernel
References · 15
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38713 · Security Note
- https://security-tracker.debian.org/tracker/source-package/linux · Vendor Advisory
- https://security-tracker.debian.org/tracker/CVE-2025-38713 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-38713 · Security Note
- https://git.kernel.org/stable/c/76a4c6636a69d69409aa253b049b1be717a539c5 · Note
- https://git.kernel.org/stable/c/291bb5d931c6f3cd7227b913302a17be21cf53b0 · Note
- https://twitter.com/CVEnew/status/1963637915566948788 · Twitter Post
- https://git.kernel.org/stable/c/6f93694bcbc2c2ab3e01cd8fba2f296faf34e6b9 · Note
- https://git.kernel.org/stable/c/94458781aee6045bd3d0ad4b80b02886b9e2219b · Note
- https://git.kernel.org/stable/c/13604b1d7e7b125fb428cddbec6b8d92baad25d5 · Note
- https://packages.debian.org/src:linux · Note
- https://git.kernel.org/stable/c/f7534cbfac0a9ffa4fa17cacc6e8b6446dae24ee · Note
- https://git.kernel.org/stable/c/1ca69007e52a73bd8b84b988b61b319816ca8b01 · Note
- https://git.kernel.org/stable/c/ccf0ad56a779e6704c0b27f555dec847f50c7557 · Note
- https://git.kernel.org/stable/c/73f7da507d787b489761a0fa280716f84fa32b2f · Note