Memory Corruption in Linux Kernel's DMA Engine Component
CVE-2025-38538

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 August 2025

What is CVE-2025-38538?

A vulnerability has been identified in the Linux kernel's DMA engine component, specifically in the nbpfaxi feature, where improper memory allocation leads to potential memory corruption. This issue arises from an overshoot in loop iterations while accessing the nbpf->chan[] array beyond its allocated size. Additionally, during data copying from the irqbuf[] array, error checks are included to prevent misalignment. With these safeguards, the earlier flaws in the original code that could result in erroneous iteration and subsequent return errors have been addressed, enhancing overall system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux b45b262cefd5b8eb2ba88d20e5bd295881293894 < 84fff8e6f11b9af1407e273995b5257d99ff0cff

Linux b45b262cefd5b8eb2ba88d20e5bd295881293894

Linux b45b262cefd5b8eb2ba88d20e5bd295881293894 < 24861ef8b517a309a4225f2793be0cd8fa0bec9e

References

https://git.kernel.org/stable/c/84fff8e6f11b9af1407e27399...
https://git.kernel.org/stable/c/aec396b4f736f3f8d2c28a9cd...
https://git.kernel.org/stable/c/24861ef8b517a309a4225f279...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.