Buffer Overflow Vulnerability in Linux Kernel's SCSI lpfc Driver
CVE-2025-38332

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
10 July 2025

What is CVE-2025-38332?

A vulnerability in the Linux kernel affects the SCSI lpfc driver, where incorrect usage of strlcat() may lead to a panic due to perceived buffer overflow risks. The original implementation involving memset() and strlcat() was replaced with memcpy() to ensure proper null termination of the resulting string. This change improves the reliability of the BIOSVersion string used in lpfc_printf_log().

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux b3b4f3e1d575fe142fd437158425c2359b695ff1

Linux b3b4f3e1d575fe142fd437158425c2359b695ff1

Linux b3b4f3e1d575fe142fd437158425c2359b695ff1

References

https://git.kernel.org/stable/c/ac7bfaa099ec3e4d7dfd0ab97...
https://git.kernel.org/stable/c/b699bda5db818b684ff62d140...
https://git.kernel.org/stable/c/d34f2384d6df11a6c67039b61...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.