CVE-2025-38425
Published: July 26, 2025Last modified: July 26, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.143-r1) |
| 25 LTS | linux-lts | Fixed (6.12.41-r0) | |
| Stream | linux-lts | Fixed (6.12.41-r0) |
References
- https://git.kernel.org/stable/c/3f03f77ce688d02da284174e1884b6065d6159bd
- https://git.kernel.org/stable/c/75a864f21ceeb8c1e8ce1b7589174fec2c3a039e
- https://git.kernel.org/stable/c/a6e04f05ce0b070ab39d5775580e65c7d943da0b
- https://git.kernel.org/stable/c/be5f6a65509cd5675362f15eb0440fb28b0f9d64
- https://git.kernel.org/stable/c/c39d1a9ae4ad66afcecab124d7789722bfe909fa
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html