FKIE_CVE-2025-38200

Vulnerability from fkie_nvd - Published: 2025-07-04 14:15 - Updated: 2025-11-03 18:16
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer underflow by changing the type of related variables.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/015bac5daca978448f2671478c553ce1f300c21e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2a1f4f2e36442a9bdf771acf6ee86f3cf876e5ca
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3502dd42f178dae9d54696013386bb52b4f2e655
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5e75c9082987479e647c75ec8fdf18fa68263c42
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/872607632c658d3739e4e7889e4f3c419ae2c193
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8cde755f56163281ec2c46b4ae8b61f532758a6f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d88a1e8f024ba26e19350958fecbf771a9960352
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fecb2fc3fc10c95724407cc45ea35af4a65cdde2
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix MMIO write access to an invalid page in i40e_clear_hw\n\nWhen the device sends a specific input, an integer underflow can occur, leading\nto MMIO write access to an invalid page.\n\nPrevent the integer underflow by changing the type of related variables."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i40e: se corrige el acceso de escritura MMIO a una p\u00e1gina no v\u00e1lida en i40e_clear_hw. Cuando el dispositivo env\u00eda una entrada espec\u00edfica, puede producirse un desbordamiento de enteros, lo que provoca el acceso de escritura MMIO a una p\u00e1gina no v\u00e1lida. Para evitar este desbordamiento, cambie el tipo de las variables relacionadas."
    }
  ],
  "id": "CVE-2025-38200",
  "lastModified": "2025-11-03T18:16:08.547",
  "metrics": {},
  "published": "2025-07-04T14:15:27.877",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/015bac5daca978448f2671478c553ce1f300c21e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2a1f4f2e36442a9bdf771acf6ee86f3cf876e5ca"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/3502dd42f178dae9d54696013386bb52b4f2e655"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5e75c9082987479e647c75ec8fdf18fa68263c42"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/872607632c658d3739e4e7889e4f3c419ae2c193"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8cde755f56163281ec2c46b4ae8b61f532758a6f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d88a1e8f024ba26e19350958fecbf771a9960352"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/fecb2fc3fc10c95724407cc45ea35af4a65cdde2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.