CVE-2025-38367
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-11-19
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: KVM: Avoid overflow with array index
The variable index is modified and reused as array index when modify
register EIOINTC_ENABLE. There will be array index overflow problem.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.16 |
| linux | linux_kernel | 6.16 |
| linux | linux_kernel | 6.16 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-129 | The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's LoongArch KVM involves an array index overflow. Specifically, the variable 'index' is modified and then reused as an array index when modifying the register EIOINTC_ENABLE, which can lead to an overflow of the array index.
How can this vulnerability impact me? :
The array index overflow could potentially lead to unexpected behavior in the kernel, such as memory corruption or crashes, which might be exploited to compromise system stability or security.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70