CVE-2025-38061

MEDIUM EPSS 5.4%
Published Jun 18, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jun 18, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() Honour the user given buffer size for the strn_len() calls (otherwise strn_len() will access memory outside of the user given buffer).

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel* <5.4.294
linuxlinux_kernel*≥5.5  –  <5.10.238
linuxlinux_kernel*≥5.11  –  <5.15.185
linuxlinux_kernel*≥5.16  –  <6.1.141
linuxlinux_kernel*≥6.2  –  <6.6.93
linuxlinux_kernel*≥6.7  –  <6.12.31
linuxlinux_kernel*≥6.13  –  <6.14.9
debiandebian_linux11.0any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/128cdb617a87767c29be43e4431129942fce41df
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/425e64440ad0a2f03bdaf04be0ae53dededbaa77
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5bfa81539e22af4c40ae5d43d7212253462383a6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b1d3e9db82d01a88de1795b879df67c2116b4f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8fef258b555c75a467a6b4b7e3a3cbc46d5f4102
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a3d89f1cfe1e6d4bb164db2595511fd33db21900
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c81c2ee1c3b050ed5c4e92876590cc7a259183f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ef1158a6a650ecee72ab40851b1d52e04d3f9cb5
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/128cdb617a87767c29be43e4431129942fce41df
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/425e64440ad0a2f03bdaf04be0ae53dededbaa77
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5bfa81539e22af4c40ae5d43d7212253462383a6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b1d3e9db82d01a88de1795b879df67c2116b4f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8fef258b555c75a467a6b4b7e3a3cbc46d5f4102
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a3d89f1cfe1e6d4bb164db2595511fd33db21900
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c81c2ee1c3b050ed5c4e92876590cc7a259183f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ef1158a6a650ecee72ab40851b1d52e04d3f9cb5
    Patch