← Back to CVEs

CVE-2025-38081

HIGH

7.1

Description

In the Linux kernel, the following vulnerability has been resolved: spi-rockchip: Fix register out of bounds access Do not write native chip select stuff for GPIO chip selects. GPIOs can be numbered much higher than native CS. Also, it makes no sense.

CVE Details

CVSS v3.1 Score7.1

SeverityHIGH

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Attack VectorLOCAL

ComplexityLOW

Privileges RequiredLOW

User InteractionNONE

Published6/18/2025

Last Modified11/14/2025

Sourcenvd

Honeypot Sightings0

Affected Products

linux:linux_kernel

Weaknesses (CWE)

CWE-125

References

https://git.kernel.org/stable/c/254e04ec799c1ff8c1e2bd08a57c6a849895d6ff(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/4a120221661fcecb253448d7b041a52d47f1d91f(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/7a874e8b54ea21094f7fd2d428b164394c6cb316(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

https://git.kernel.org/stable/c/ace57bd1fb49d193edec5f6a1f255f48dd5fca90(416baaa9-dc9f-4396-8d5f-8c081fb06d67)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.