CVE-2025-38044

MEDIUM EPSS 6.8%
Published Jun 18, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jun 18, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set device_caps for 417 The video_device for the MPEG encoder did not set device_caps. Add this, otherwise the video device can't be registered (you get a WARN_ON instead). Not seen before since currently 417 support is disabled, but I found this while experimenting with it.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel* <5.4.294
linuxlinux_kernel*≥5.5  –  <5.10.238
linuxlinux_kernel*≥5.11  –  <5.15.185
linuxlinux_kernel*≥5.16  –  <6.1.141
linuxlinux_kernel*≥6.2  –  <6.6.93
linuxlinux_kernel*≥6.7  –  <6.12.31
linuxlinux_kernel*≥6.13  –  <6.14.9
debiandebian_linux11.0any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/0884dd3abbe80307a2d4cbdbe5e312be164f8adb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ad41beb7df3bd63b209842d16765ec59dafe6e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4731d5328f507ae8fd8a57abbca9119ec7a8d665
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5c9eca180a4235abd56cc7f7308ca72128d93dce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9d1a5be86dbe074bd8dd6bdd63a99d6bb66d5930
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a79efc44b51432490538a55b9753a721f7d3ea42
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c91447e35b9bea60bda4408c48e7891d14351021
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e43fd82bb2110bf9d13d800cdc49cceddfd0ede5
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0884dd3abbe80307a2d4cbdbe5e312be164f8adb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ad41beb7df3bd63b209842d16765ec59dafe6e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4731d5328f507ae8fd8a57abbca9119ec7a8d665
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5c9eca180a4235abd56cc7f7308ca72128d93dce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9d1a5be86dbe074bd8dd6bdd63a99d6bb66d5930
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a79efc44b51432490538a55b9753a721f7d3ea42
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c91447e35b9bea60bda4408c48e7891d14351021
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e43fd82bb2110bf9d13d800cdc49cceddfd0ede5
    Patch