CVE-2025-38428
Input: ims-pcu - check record size in ims_pcu_flash_firmware()
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
25 Jul 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
Input: ims-pcu - check record size in ims_pcu_flash_firmware()
The "len" variable comes from the firmware and we generally do
trust firmware, but it's always better to double check. If the "len"
is too large it could result in memory corruption when we do
"memcpy(fragment->data, rec->data, len);"
Affected products
Linux · LinuxReferences
https://git.kernel.org/stable/c/17474a56acf708bf6b2d174c06ed26abad0a9fd6https://git.kernel.org/stable/c/5a8cd6ae8393e2eaebf51d420d5374821ef2af87https://git.kernel.org/stable/c/74661516daee1eadebede8dc607b6830530096echttps://git.kernel.org/stable/c/8e03f1c7d50343bf21da54873301bc4fa647479fhttps://git.kernel.org/stable/c/a95ef0199e80f3384eb992889322957d26c00102https://git.kernel.org/stable/c/c1b9d140b0807c6aee4bb53e1bfa4e391e3dc204https://git.kernel.org/stable/c/d63706d9f73846106fde28b284f08e01b92ce9f1https://git.kernel.org/stable/c/e5a2481dc2a0b430f49276d7482793a8923631d6https://lists.debian.org/debian-lts-announce/2025/10/msg00007.htmlhttps://lists.debian.org/debian-lts-announce/2025/10/msg00008.html