Divide Error Vulnerability in Linux Kernel Affecting libnvdimm Driver
CVE-2025-38072

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 June 2025

What is CVE-2025-38072?

A vulnerability exists in the Linux kernel's libnvdimm driver due to a divide error triggered by faulty CXL memory devices. When a defective CXL memory device returns an incorrectly sized zero Logical Subsystem Area (LSA), it leads to a division by zero error during data initialization. This issue arises from improper handling of the configuration size, which results in the driver attempting to perform mathematical operations with a zero divisor. A fix has been implemented to enhance the validation of the configuration size parameter, preventing the error from occurring and maintaining system stability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2bd4a938d2eda96ab7288b8fa5aae84a1de8c4ca

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 396c46d3f59a18ebcc500640e749f16e197d472b

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/2bd4a938d2eda96ab7288b8fa...

https://git.kernel.org/stable/c/396c46d3f59a18ebcc500640e...

https://git.kernel.org/stable/c/f49c337037df029440a839038...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Apr 16, 2025