CVE-2025-38519

In the Linux kernel, the following vulnerability has been resolved: mm/damon: fix divide by zero in damon_get_intervals_score() The current implementation allows having zero size regions with no special reasons, but damon_get_intervals_score() gets crashed by divide by zero when the region size is zero. [ 29.403950] Oops: divide error: 0000 [#1] SMP NOPTI This patch fixes the bug, but does not disallow zero size regions to keep the backward compatibility since disallowing zero size regions might be a breaking change for some users. In addition, the same crash can happen when intervals_goal.access_bp is zero so this should be fixed in stable trees as well.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/bd225b9591442065beb876da72656f4a2d627d03	Patch
https://git.kernel.org/stable/c/ca4bb9ac706f05ead8ac1cce7b8245fc0645a687	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.16:rc5::::::

History

No history.

Information

Published : 2025-08-16 11:15

Updated : 2025-11-18 21:51

NVD link : CVE-2025-38519

Mitre link : CVE-2025-38519

CVE.ORG link : CVE-2025-38519

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-369

Divide By Zero

{"id": "CVE-2025-38519", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-08-16T11:15:45.160", "references": [{"url": "https://git.kernel.org/stable/c/bd225b9591442065beb876da72656f4a2d627d03", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ca4bb9ac706f05ead8ac1cce7b8245fc0645a687", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-369"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon: fix divide by zero in damon_get_intervals_score()\n\nThe current implementation allows having zero size regions with no special\nreasons, but damon_get_intervals_score() gets crashed by divide by zero\nwhen the region size is zero.\n\n [ 29.403950] Oops: divide error: 0000 [#1] SMP NOPTI\n\nThis patch fixes the bug, but does not disallow zero size regions to keep\nthe backward compatibility since disallowing zero size regions might be a\nbreaking change for some users.\n\nIn addition, the same crash can happen when intervals_goal.access_bp is\nzero so this should be fixed in stable trees as well."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/damon: correcci\u00f3n de divisi\u00f3n por cero en damon_get_intervals_score() La implementaci\u00f3n actual permite tener regiones de tama\u00f1o cero sin razones especiales, pero damon_get_intervals_score() se bloquea por divisi\u00f3n por cero cuando el tama\u00f1o de la regi\u00f3n es cero. [ 29.403950] Oops: error de divisi\u00f3n: 0000 [#1] SMP NOPTI Este parche corrige el error, pero no deshabilita las regiones de tama\u00f1o cero para mantener la compatibilidad con versiones anteriores, ya que deshabilitar las regiones de tama\u00f1o cero podr\u00eda ser un cambio importante para algunos usuarios. Adem\u00e1s, el mismo bloqueo puede ocurrir cuando intervals_goal.access_bp es cero, por lo que esto tambi\u00e9n deber\u00eda corregirse en los \u00e1rboles estables."}], "lastModified": "2025-11-18T21:51:58.523", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBA11932-25B2-4915-A601-431072CDC904", "versionEndExcluding": "6.15.7", "versionStartIncluding": "6.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D4894DB-CCFE-4602-B1BF-3960B2E19A01"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09709862-E348-4378-8632-5A7813EDDC86"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "415BF58A-8197-43F5-B3D7-D1D63057A26E"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0517869-312D-4429-80C2-561086E1421C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85421F4E-C863-4ABF-B4B4-E887CC2F7F92"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}