Main Vulnerability Database SB2025070542

SB2025070542 - Input validation error in Linux kernel block driver

Published: July 5, 2025

Security Bulletin ID SB2025070542

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2025-38182)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ublk_ctrl_add_dev() function in drivers/block/ublk_drv.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/0f8df5d6f25ac17c52a8bc6418e60a3e63130550
https://git.kernel.org/stable/c/3162d8235c8c4d585525cee8a59d1c180940a968
https://git.kernel.org/stable/c/8c8472855884355caf3d8e0c50adf825f83454b2
https://git.kernel.org/stable/c/e2b2b7cf6368580114851cb3932f2ad9fbf23386