Vulnerability Lookup

🛡️ CVE-2025-38445

🟠 CVSS 7.1 — High ✅ No Known Exploit CWE-125 NVD

7.1

CVSS Score

0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointing to a stack address. Accessing this address later can lead to a kernel panic. Example access path: raid1_reshape() { // newpool is on the stack mempool_t newpool, oldpool; // initialize newpool.wait.head to stack address mempool_init(&newpool, ...); conf->r1bio_pool = newpool; } raid1_read_request() or raid1_write_request() { alloc_r1bio() { mempool_alloc() { // if pool->alloc fails remove_element() { --pool->curr_nr; } } } } mempool_free() { if (pool->curr_nr min_nr) { // pool->wait.head is a stack address // wake_up() will try to access this invalid address // which leads to a kernel panic return; wake_up(&pool->wait); } } Fix: reinit conf->r1bio_pool.wait after assigning newpool.

Details

Severity HIGH

CVSS Score 7.1

CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE CWE-125

Public Exploit ✅ No

Source NVD

Published 2025-07-25

Updated 2026-06-02

Modified 2025-12-22

Fix URL https://git.kernel.org/stable/c/12b00ec99624f8da8c325f2dd6e807df26df0025

Affected Packages

Software	From version	Fixed in
debian-linux	—	—
linux-kernel	—	—

References

Patch https://git.kernel.org/stable/c/12b00ec99624f8da8c325f2dd6e807df26df0025

Patch https://git.kernel.org/stable/c/48da050b4f54ed639b66278d0ae6f4107b2c4e2d

Patch https://git.kernel.org/stable/c/5f35e48b76655e45522df338876dfef88dafcc71

Patch https://git.kernel.org/stable/c/61fd5e93006cf82ec8ee5c115ab5cf4bbd104bdb

Patch https://git.kernel.org/stable/c/776e6186dc9ecbdb8a1b706e989166c8a99bbf64

Patch https://git.kernel.org/stable/c/d67ed2ccd2d1dcfda9292c0ea8697a9d0f2f0d98

Patch https://git.kernel.org/stable/c/d8a6853d00fbaa810765c8ed2f452a5832273968

Patch https://git.kernel.org/stable/c/df5894014a92ff0196dbc212a7764e97366fd2b7

Third Party Advisory https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Third Party Advisory https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

🔗 NVD 🔗 Mitre ✅ Fix / Advisory

Similar Threats

Free Vulnerability Check

Is your WordPress site affected?

BotEraser helps you identify potentially vulnerable plugins and themes by checking your installation against known CVE records.

Scan My Site Free →

No credit card required · Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.

Is your WordPress site affected?

Company

Resources

Services

Trusted

Subscribe