CVE-2025-38277
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/07/2025
Last modified:
18/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

mtd: nand: ecc-mxic: Fix use of uninitialized variable ret

If ctx->steps is zero, the loop processing ECC steps is skipped,
and the variable ret remains uninitialized. It is later checked
and returned, which leads to undefined behavior and may cause
unpredictable results in user space or kernel crashes.

This scenario can be triggered in edge cases such as misconfigured
geometry, ECC engine misuse, or if ctx->steps is not validated
after initialization.

Initialize ret to zero before the loop to ensure correct and safe
behavior regardless of the ctx->steps value.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
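The pattern described above, reduced to a user-space model (an added example, not the ecc-mxic driver's code). The struct, function names and sample inputs are constructed for illustration; only the skipped-loop/uninitialized `ret` shape and the `ret = 0` fix come from the description.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for an ECC context; not the kernel's structure. */
struct demo_ecc_ctx {
    unsigned int steps;     /* number of ECC steps to process */
    const int *status;      /* constructed per-step result: 0 ok, <0 error */
};

#ifdef SHOW_UNINITIALIZED_PATTERN
/* Pattern from the description: when steps == 0 the loop body never runs,
 * so 'ret' is read without ever having been written. Not built by default. */
static int demo_process_unsafe(const struct demo_ecc_ctx *ctx)
{
    unsigned int step;
    int ret;
    for (step = 0; step < ctx->steps; step++) {
        ret = ctx->status[step];
        if (ret)
            break;
    }
    return ret;
}
#endif

/* Fixed pattern: 'ret' starts at 0, so a skipped loop returns a defined value. */
int demo_process_fixed(const struct demo_ecc_ctx *ctx)
{
    unsigned int step;
    int ret = 0;
    for (step = 0; step < ctx->steps; step++) {
        ret = ctx->status[step];
        if (ret)
            break;
    }
    return ret;
}

/* Constructed sample inputs: an empty context and one with a failing step. */
static const int demo_status_bad[] = { 0, -EBADMSG, 0 };
const struct demo_ecc_ctx demo_zero_steps = { 0, NULL };
const struct demo_ecc_ctx demo_failing = { 3, demo_status_bad };

int main(void)
{
    printf("steps=0 -> %d, failing step -> %d\n",
           demo_process_fixed(&demo_zero_steps), demo_process_fixed(&demo_failing));
    return 0;
}
```

Defining `SHOW_UNINITIALIZED_PATTERN` at build time with warnings enabled is a quick way to check whether your own compiler or analyzer reports the uninitialized read.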
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.18 (including) | 6.1.142 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.94 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.34 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.15.3 (excluding) |
| cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | | |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/49482f4a39620f6afedcd3f6aa9e0d558b6a460b
- https://git.kernel.org/stable/c/4d9d6e4be09472aa72953caca3dbefdc27846170
- https://git.kernel.org/stable/c/7a23cc510ecaabab4f6df7e9d910d16e279b72ad
- https://git.kernel.org/stable/c/a0d9d9b5a4634e146ae41cb25667322e5c7d74d2
- https://git.kernel.org/stable/c/d95846350aac72303036a70c4cdc69ae314aa26d
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html



