CVE-2025-38088
7.1
HIGH
CVSS 3.1
EPSS 0.07%
Description
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size.
How to fix CVE-2025-38088
To remediate CVE-2025-38088, upgrade the affected package to a fixed version below.
- Debian/linux—upgrade to 6.1.147-1 or later
- —upgrade to 6.1.153-1~deb11u1 or later
Is CVE-2025-38088 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 6.1.147-1
- from 0, < 6.1.153-1~deb11u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |