CVE-2025-38342 – Linux Kernel Out-of-Bounds Vulnerability in software_node_get_reference_args

July 10, 2025

CVE ID : CVE-2025-38342

Published : July 10, 2025, 9:15 a.m. | 4 hours, 51 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

software node: Correct a OOB check in software_node_get_reference_args()

software_node_get_reference_args() wants to get @index-th element, so
the property value requires at least ‘(index + 1) * sizeof(*ref)’ bytes
but that can not be guaranteed by current OOB check, and may cause OOB
for malformed property.

Fix by using as OOB check ‘((index + 1) * sizeof(*ref) > prop->length)’.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-38348 – “Intersil p54 WiFi Interface Buffer Overflow Vulnerability”

Next Article CVE-2025-38346 – Linux kernel ftrace UAF Vulnerability

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

Don’t waste the LAST 24 hours of Amazon Prime Day sales buying a MacBook — buy this much better Windows laptop instead!

This fantastic Xbox remake of a classic Atlus JRPG we gave a perfect review score to is now 49% cheaper — Don’t miss the deadline for this Amazon Prime Day deal, which ends today

HP’s discount on one of the most powerful gaming laptops on the planet is absolutely UNBEATABLE — but you only have a few hours to get one!

The details of TC39’s last meeting

The details of TC39’s last meeting

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

Intelligent Automation in the Healthcare Sector with n8n, OpenAI, and Pinecone

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

Don’t waste the LAST 24 hours of Amazon Prime Day sales buying a MacBook — buy this much better Windows laptop instead!

This fantastic Xbox remake of a classic Atlus JRPG we gave a perfect review score to is now 49% cheaper — Don’t miss the deadline for this Amazon Prime Day deal, which ends today

CVE-2025-38342 – Linux Kernel Out-of-Bounds Vulnerability in software_node_get_reference_args

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

TC39: No to records and tuples, yes to enums

Linus Torvalds Respinge l’Idea di Abilitare DAMON di Default nel Kernel Linux

Minimize generative AI hallucinations with Amazon Bedrock Automated Reasoning checks

CVE-2025-5036 – Autodesk Revit Use-After-Free Vulnerability

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

CVE-2025-6216 – Allegra Password Recovery Authentication Bypass Vulnerability

Pinot is a real-time analytics platform

CVE-2025-38342 – Linux Kernel Out-of-Bounds Vulnerability in software_node_get_reference_args

Related Posts