CVE-2025-38664

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-38664
In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent potential null pointer dereference.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/0fde7dccbf4c8a6d7940ecaf4c3d80a12f405dd7 Patch
https://git.kernel.org/stable/c/1c30093d58cd3d02d8358e2b1f4a06a0aae0bf5b Patch
https://git.kernel.org/stable/c/3028f2a4e746b499043bbb8ab816f975473a0535 Patch
https://git.kernel.org/stable/c/35370d3b44efe194fd5ad55bac987e629597d782 Patch
https://git.kernel.org/stable/c/435462f8ab2b9c5340a5414ce02f70117d0cfede Patch
https://git.kernel.org/stable/c/4ff12d82dac119b4b99b5a78b5af3bf2474c0a36 Patch
https://git.kernel.org/stable/c/6d640a8ea62435a7f6f89869bee4fa99423d07ca Patch
https://git.kernel.org/stable/c/7c5a13c76dd37e9e4f8d48b87376a54f4399ce15 Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc7:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2025-08-22 16:15

Updated : 2026-01-07 17:32

NVD link : CVE-2025-38664

Mitre link : CVE-2025-38664

CVE.ORG link : CVE-2025-38664

JSON object : View

Products Affected

debian

  • debian_linux

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference