We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-38366

LoongArch: KVM: Check validity of "num_cpu" from user space



Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "num_cpu" from user space The maximum supported cpu number is EIOINTC_ROUTE_MAX_VCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow.

Reserved 2025-04-16 | Published 2025-07-25 | Updated 2025-07-25 | Assigner Linux

Product status

Default status
unaffected

1ad7efa552fd5cf4e8c49fea863c5c6a5dcf9f00 before a3293b4078ee93174f70f36d3ab7618554ce6ab6
affected

1ad7efa552fd5cf4e8c49fea863c5c6a5dcf9f00 before cc8d5b209e09d3b52bca1ffe00045876842d96ae
affected

Default status
affected

6.13
affected

Any version before 6.13
unaffected

6.15.5
unaffected

6.16-rc4
unaffected

References

git.kernel.org/...c/a3293b4078ee93174f70f36d3ab7618554ce6ab6

git.kernel.org/...c/cc8d5b209e09d3b52bca1ffe00045876842d96ae

cve.org (CVE-2025-38366)

nvd.nist.gov (CVE-2025-38366)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-38366

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.