CVE-2025-38237
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-12-18
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.11 (inc) to 5.15.186 (inc) |
| debian | debian_linux | 11.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's exynos4-is media platform driver, specifically in the fimc_is_hw_change_mode() function. The function changes camera modes without waiting for the hardware to complete the previous operation, which can lead to corrupted data or system hangs if subsequent operations start before the hardware is ready. The fix adds a call to the hardware synchronization wait function fimc_is_hw_wait_intmsr0_intmsd0() after mode configuration, so that the hardware state is synchronized and interrupts are handled stably.
How can this vulnerability impact me?
This vulnerability can cause corrupted data or system hangs when changing camera modes on affected hardware. If the system proceeds with operations before the hardware is ready, it may result in unstable behavior, potentially affecting device functionality and reliability.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version that includes the fix, which adds a hardware synchronization wait in fimc_is_hw_change_mode(). With the fix applied, camera mode changes wait for hardware completion, preventing corrupted data or system hangs.