Vulnerability in Linux Kernel Affecting Simulation Work Context Initialization
CVE-2025-38408

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 July 2025

What is CVE-2025-38408?

A vulnerability exists in the Linux kernel where the simulation work context's pointers are not initialized correctly. Instead of using kmalloc(), the kzalloc() method should be utilized to allocate the simulation work context. Failing to do so results in pointers that may hold random values, leading to the potential for invalid memory dereferencing and subsequent errors in system operations.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 19bd7597858dd15802c1d99fcc38e528f469080a

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7f73d1def72532bac4d55ea8838f457a6bed955c

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8a2277a3c9e4cc5398f80821afe7ecbe9bdf2819

References

https://git.kernel.org/stable/c/19bd7597858dd15802c1d99fc...
https://git.kernel.org/stable/c/7f73d1def72532bac4d55ea88...
https://git.kernel.org/stable/c/8a2277a3c9e4cc5398f80821a...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38408 : Vulnerability in Linux Kernel Affecting Simulation Work Context Initialization