Integer Underflow Vulnerability in Linux Kernel i40e Driver
CVE-2025-38200

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-38200?

A vulnerability exists in the Linux kernel's i40e driver, which can lead to an integer underflow when specific input is processed. This condition allows for MMIO (Memory-Mapped Input/Output) write access to an invalid memory page, potentially compromising system integrity. The issue stems from the handling of related variables, which can be mitigated by altering their data types. Addressing this vulnerability is crucial to ensure robust security in environments relying on the i40e driver.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 872607632c658d3739e4e7889e4f3c419ae2c193

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5e75c9082987479e647c75ec8fdf18fa68263c42

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/872607632c658d3739e4e7889...

https://git.kernel.org/stable/c/5e75c9082987479e647c75ec8...

https://git.kernel.org/stable/c/fecb2fc3fc10c95724407cc45...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 4, 2025
Vulnerability Reserved
Apr 16, 2025