SB2025071110 - Out-of-bounds read in Linux kernel edac driver
Published: July 11, 2025
Security Bulletin ID
SB2025071110
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2025-38298)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the EXPORT_SYMBOL_GPL() function in drivers/edac/skx_common.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/20d2d476b3ae18041be423671a8637ed5ffd6958
- https://git.kernel.org/stable/c/31ef6f7c9aee3be78d63789653e92350f2537f93
- https://git.kernel.org/stable/c/3f5d0659000923735350da60ad710f8c804544fe
- https://git.kernel.org/stable/c/80bf28fd623d97dd4f4825fbbe9d736cec2afba3
- https://git.kernel.org/stable/c/a13e8343ffcff27af1ff79597ff7ba241e6d9471
- https://git.kernel.org/stable/c/a6ed3a6edff09c1187cc6ade7f5967bca2376a13
- https://git.kernel.org/stable/c/bf6a8502a5f4ff6e4d135d795945cdade49ec8b0
- https://git.kernel.org/stable/c/e8530ed3c0769a4d8f79c212715ec1cf277787f8