CVE-2025-38412

5.5 MEDIUM

Published: July 25, 2025 Modified: December 23, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://git.kernel.org/stable/c/0deb3eb78ebf225cb41aa9b2b2150f46cbfd359e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/5df3b870bc389a1767c72448a3ce1c576ef4deab

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/68e9963583d11963ceca5d276e9c44684509f759

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/92c2d914b5337431d885597a79a3a3d9d55e80b7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/aaf847dcb4114fe8b25d4c1c790bedcb6088cb3d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/eb617dd25ca176f3fee24f873f0fd60010773d67

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory Mailing List

7 reference(s) from NVD

Quick Stats

CVSS v3 Score

5.5 / 10.0

EPSS (Exploit Probability)

0.0%

4th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

debian linux