CVE-2025-38412

platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content.

N/A

CVSS

Severity:

EPSS 0.03%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/92c2d914b5337431d885597a79a3a3d9d55e80b7
https://git.kernel.org/stable/c/68e9963583d11963ceca5d276e9c44684509f759
https://git.kernel.org/stable/c/0deb3eb78ebf225cb41aa9b2b2150f46cbfd359e
https://git.kernel.org/stable/c/5df3b870bc389a1767c72448a3ce1c576ef4deab
https://git.kernel.org/stable/c/aaf847dcb4114fe8b25d4c1c790bedcb6088cb3d
https://git.kernel.org/stable/c/eb617dd25ca176f3fee24f873f0fd60010773d67

Frequently Asked Questions

What is the severity of CVE-2025-38412?: CVE-2025-38412 has not yet been assigned a CVSS score.
How to fix CVE-2025-38412?: To fix CVE-2025-38412, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-38412 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2025-38412 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-38412?: CVE-2025-38412 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.