CVE-2025-38613

MEDIUM EPSS 2.8%
Published Aug 19, 202510mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 19, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpib_board_info_ioctl is showing up as initialized data on the stack frame being copyied back to userspace in function board_info_ioctl. The simplest fix is to initialize the entire struct to zero to ensure all unassigned padding fields are zero'd before being copied back to userspace.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-908

Affected Products 1

VendorProductVersionRange
linuxlinux_kernel*≥6.13  –  <6.16.1

References 2

  • git.kernel.org https://git.kernel.org/stable/c/19dedd4f70f5a6505e7c601ef7dd40542d1d9aa5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a739d3b13bff0dfa1aec679d08c7062131a2a425
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/19dedd4f70f5a6505e7c601ef7dd40542d1d9aa5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a739d3b13bff0dfa1aec679d08c7062131a2a425
    Patch