Memory Overflow Vulnerability in Linux Kernel's S390 Architecture
CVE-2025-38257
What is CVE-2025-38257?
A vulnerability has been identified in the s390/pkey module of the Linux kernel: the size calculation for the memory duplication performed via memdup_user() can overflow. This occurs because the 'nr_apqns' variable, which feeds that calculation, is determined by user input through an ioctl call. When the calculation overflows, the actual size no longer matches the expected value, which can result in unpredictable behavior within the system. To mitigate this issue, the safer memdup_array_user() helper is recommended, as it correctly checks for overflow conditions.
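The unchecked size calculation and an overflow-checked array copy, modelled in user-space C. This is an added example, not kernel code and not part of the original advisory. The element type, the function names and the element count are constructed for illustration; __builtin_mul_overflow is the GCC/Clang builtin.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical 4-byte array element (assumption, not the kernel's type). */
struct elem { uint16_t a, b; };

/* Unchecked pattern: nr * size silently wraps modulo SIZE_MAX + 1. */
static size_t unchecked_bytes(size_t nr, size_t size) { return nr * size; }

/* Checked pattern: fail instead of wrapping. */
static int checked_bytes(size_t nr, size_t size, size_t *out)
{
    return __builtin_mul_overflow(nr, size, out) ? -EOVERFLOW : 0;
}

/* User-space model of an overflow-checked array copy: returns NULL and sets
 * *err on failure, where a kernel helper would return an error pointer. */
static void *dup_array_checked(const void *src, size_t nr, size_t size, int *err)
{
    size_t nbytes;
    void *p;
    *err = checked_bytes(nr, size, &nbytes);
    if (*err)
        return NULL;
    p = malloc(nbytes ? nbytes : 1);
    if (!p) {
        *err = -ENOMEM;
        return NULL;
    }
    memcpy(p, src, nbytes);
    return p;
}

/* Constructed element count whose byte size wraps around to 4. */
static size_t wrapping_count(void) { return SIZE_MAX / sizeof(struct elem) + 2; }

int main(void)
{
    struct elem src[1] = { { 1, 2 } };
    size_t nr = wrapping_count();
    int err;
    void *p = dup_array_checked(src, nr, sizeof(struct elem), &err);
    printf("unchecked: %zu elements -> %zu bytes\n", nr, unchecked_bytes(nr, sizeof(struct elem)));
    printf("checked:   p=%p err=%d\n", p, err);
    return 0;
}
```

The unchecked product comes out as 4 bytes for a count far larger than one element, which is the size mismatch the description refers to; the checked path rejects the same request.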
Affected Version(s)
Linux f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d
Linux f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d < 88f3869649edbc4a13f6c2877091f81cd5a50f05
Linux f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d