Home

CVE-2025-38077

Description

In the Linux kernel, the following vulnerability has been resolved:platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()If the buf array received from the user contains an empty string, thelength variable will be zero. Accessing the buf array element withindex length - 1 will result in a buffer overflow.Add a check for an empty string.Found by Linux Verification Center (linuxtesting.org) with SVACE.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.021

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-azure-devel-debuginfo-6.4.0-150600.8.43.1.x86_64.rpmLinux
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-azure-devel-6.4.0-150600.8.43.1.x86_64.rpmLinux
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-azure-debugsource-6.4.0-150600.8.43.1.x86_64.rpmLinux
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-azure-debuginfo-6.4.0-150600.8.43.1.x86_64.rpmLinux
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-azure-6.4.0-150600.8.43.1.x86_64.rpmLinux
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-syms-azure-6.4.0-150600.8.43.1.x86_64.rpmLinux
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-source-azure-6.4.0-150600.8.43.1.noarch.rpmLinux
SUSE-SU-2025:02249-1(Public Cloud Module 15 SP6) SUSE-SU-2025:02249-1 kernel-devel-azure-6.4.0-150600.8.43.1.noarch.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-source-azure-6.4.0-150700.20.6.1.noarch.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-syms-azure-6.4.0-150700.20.6.1.x86_64.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-azure-6.4.0-150700.20.6.1.x86_64.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-azure-debuginfo-6.4.0-150700.20.6.1.x86_64.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-azure-debugsource-6.4.0-150700.20.6.1.x86_64.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-azure-devel-6.4.0-150700.20.6.1.x86_64.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-azure-devel-debuginfo-6.4.0-150700.20.6.1.x86_64.rpmLinux
SUSE-SU-2025:02254-1(Public Cloud Module 15 SP7) kernel-devel-azure-6.4.0-150700.20.6.1.noarch.rpmLinux
SUSE-SU-2025:02307-1(Basesystem Module 15 SP7) kernel-default-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Legacy Module 15 SP7) reiserfs-kmp-default-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Legacy Module 15 SP7) reiserfs-kmp-default-debuginfo-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Development Tools Module 15 SP7) kernel-syms-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Legacy Module 15 SP7) kernel-default-debugsource-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Basesystem Module 15 SP7) kernel-default-base-6.4.0-150700.53.6.1.150700.17.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Development Tools Module 15 SP7) kernel-source-6.4.0-150700.53.6.1.noarch.rpmLinux
SUSE-SU-2025:02307-1(Basesystem Module 15 SP7) kernel-default-devel-debuginfo-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Basesystem Module 15 SP7) kernel-default-devel-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Development Tools Module 15 SP7) kernel-obs-build-debugsource-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Development Tools Module 15 SP7) kernel-docs-6.4.0-150700.53.6.1.noarch.rpmLinux
SUSE-SU-2025:02307-1(Basesystem Module 15 SP7) kernel-default-debuginfo-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Development Tools Module 15 SP7) kernel-obs-build-6.4.0-150700.53.6.1.x86_64.rpmLinux
SUSE-SU-2025:02307-1(Basesystem Module 15 SP7) kernel-devel-6.4.0-150700.53.6.1.noarch.rpmLinux
SUSE-SU-2025:02307-1(Basesystem Module 15 SP7) kernel-macros-6.4.0-150700.53.6.1.noarch.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-default-debuginfo-6.4.0-150600.23.60.5.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-default-6.4.0-150600.23.60.5.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-devel-6.4.0-150600.23.60.4.noarch.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-default-debugsource-6.4.0-150600.23.60.5.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-default-devel-6.4.0-150600.23.60.5.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-default-base-6.4.0-150600.23.60.5.150600.12.26.4.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-default-devel-debuginfo-6.4.0-150600.23.60.5.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Legacy Module 15 SP6) reiserfs-kmp-default-debuginfo-6.4.0-150600.23.60.5.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Legacy Module 15 SP6) reiserfs-kmp-default-6.4.0-150600.23.60.5.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Development Tools Module 15 SP6) kernel-syms-6.4.0-150600.23.60.4.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Development Tools Module 15 SP6) kernel-source-6.4.0-150600.23.60.4.noarch.rpmLinux
SUSE-SU-2025:02538-1(Development Tools Module 15 SP6) kernel-obs-build-debugsource-6.4.0-150600.23.60.3.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Development Tools Module 15 SP6) kernel-obs-build-6.4.0-150600.23.60.3.x86_64.rpmLinux
SUSE-SU-2025:02538-1(Basesystem Module 15 SP6) kernel-macros-6.4.0-150600.23.60.4.noarch.rpmLinux
SUSE-SU-2025:02538-1(Development Tools Module 15 SP6) kernel-docs-6.4.0-150600.23.60.3.noarch.rpmLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-cpupower_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-doc_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-doc-6.1_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-686-dbg_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-686-pae-dbg_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-cpupower_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-amd64-signed-template_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-cloud-amd64-dbg_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-i386-signed-template_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-rt-686-pae-dbg_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-rt-amd64-dbg_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-amd64-dbg_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-config-6.1_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-config-6.1_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-compiler-gcc-12-x86_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-kbuild-6.1_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower1_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower1_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower-dev_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower-dev_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 hyperv-daemons_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 hyperv-daemons_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 bpftool_7.1.0+6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-compiler-gcc-12-x86_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 usbip_2.0+6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 usbip_2.0+6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 rtla_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 rtla_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-source-6.1_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-source_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-libc-dev_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 bpftool_7.1.0+6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-libc-dev_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-perf_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-kbuild-6.1_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-perf_6.1.147-1_i386.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234