Out-of-Bound Write Vulnerability in Linux Kernel Affecting GPIO Functions
CVE-2025-38082

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 June 2025

What is CVE-2025-38082?

A vulnerability exists within the Linux kernel, specifically impacting GPIO functionality. This issue can lead to potential out-of-bound write operations if a caller inputs more characters than the allocated buffer can accommodate. To mitigate this risk, the system should ensure that the input length does not surpass the buffer size and terminate the input correctly with a zero byte. Failure to implement these checks can lead to unauthorized memory access and has implications for system integrity.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7118be7c6072f40391923543fdd1563b8d56377c

References

https://git.kernel.org/stable/c/afe090366f470f77e140ff340...

https://git.kernel.org/stable/c/b96feaaa0fda1e3871b438143...

https://git.kernel.org/stable/c/7118be7c6072f40391923543f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Apr 16, 2025