Home

CVE-2025-38298

Description

In the Linux kernel, the following vulnerability has been resolved:EDAC/skx_common: Fix general protection faultAfter loading i10nm_edac (which automatically loads skx_edac_common), ifunload only i10nm_edac, then reload it and perform error injection testing,a general protection fault may occur: mce: [Hardware Error]: Machine check events logged Oops: general protection fault ... ... Workqueue: events mce_gen_pool_process RIP: 0010:string+0x53/0xe0 ... Call Trace: die_addr+0x37/0x90 exc_general_protection+0x1e7/0x3f0 asm_exc_general_protection+0x26/0x30 string+0x53/0xe0 vsnprintf+0x23e/0x4c0 snprintf+0x4d/0x70 skx_adxl_decode+0x16a/0x330 [skx_edac_common] skx_mce_check_error.part.0+0xf8/0x220 [skx_edac_common] skx_mce_check_error+0x17/0x20 [skx_edac_common] ...The issue arose was because the variable adxl_component_count (insideskx_edac_common), which counts the ADXL components, was not reset. Duringthe reloading of i10nm_edac, the count was incremented by the actual numberof ADXL components again, resulting in a count that was double the realnumber of ADXL components. This led to an out-of-bounds reference to theADXL component array, causing the general protection fault above.Fix this issue by resetting the adxl_component_count in adxl_put(),which is called during the unloading of {skx,i10nm}_edac.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.022

Associated Vulnerability

VulnerabilityOS Platform
linux security update(DSA-5973-1) DSA-5973-1 linux-cpupower_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-doc_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-doc-6.1_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-686-dbg_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-686-pae-dbg_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-cpupower_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-amd64-signed-template_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-cloud-amd64-dbg_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-i386-signed-template_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-rt-686-pae-dbg_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-rt-amd64-dbg_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-image-amd64-dbg_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-config-6.1_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-config-6.1_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-compiler-gcc-12-x86_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-kbuild-6.1_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower1_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower1_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower-dev_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 libcpupower-dev_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 hyperv-daemons_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 hyperv-daemons_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 bpftool_7.1.0+6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-compiler-gcc-12-x86_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 usbip_2.0+6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 usbip_2.0+6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 rtla_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 rtla_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-source-6.1_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-source_6.1.147-1_all.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-libc-dev_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 bpftool_7.1.0+6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-libc-dev_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-perf_6.1.147-1_amd64.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-kbuild-6.1_6.1.147-1_i386.debLinux
linux security update(DSA-5973-1) DSA-5973-1 linux-perf_6.1.147-1_i386.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234