CVE-2025-38484

7.8 HIGH

📋 TL;DR

This CVE describes an out-of-bounds write vulnerability in the Linux kernel's IIO (Industrial I/O) subsystem backend. An attacker could write beyond the allocated buffer boundary, potentially leading to kernel memory corruption. This affects Linux systems using the IIO subsystem.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE description; check kernel commit references for exact ranges.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where the IIO subsystem is enabled and used. Many embedded/IoT devices use IIO for sensor interfaces.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic, system crash, or potential privilege escalation to root if the memory corruption can be controlled to execute arbitrary code.

🟠 Likely Case

System instability, kernel crashes, or denial of service due to memory corruption.

🟢 If Mitigated

Limited impact if the IIO subsystem is not in use or if proper kernel hardening measures are implemented.

🌐 Internet-Facing: LOW - This is a kernel-level vulnerability requiring local access or specific hardware interaction through IIO.
🏢 Internal Only: MEDIUM - Local users or processes with access to IIO devices could potentially exploit this to cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires access to IIO device interfaces and precise control of write operations. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 01e941aa7f5175125df4ac5d3aab099961525602, 6eea9f7648ddb9e4903735a1f77cf196c957aa38, da9374819eb3885636934c1006d450c3cb1a02ed

Vendor Advisory: https://git.kernel.org/stable/c/01e941aa7f5175125df4ac5d3aab099961525602

Restart Required: Yes

Instructions:

1. Update the Linux kernel to the patched version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify the kernel version after reboot.

🔧 Temporary Workarounds

Disable IIO subsystem (Linux)

Remove or disable the Industrial I/O subsystem if it is not needed:

modprobe -r iio
echo 'blacklist iio' >> /etc/modprobe.d/blacklist.conf

Note: this only works where IIO is built as a loadable module (CONFIG_IIO=m). On kernels where it is built in (CONFIG_IIO=y, common on embedded builds), modprobe -r will fail and the subsystem cannot be unloaded; check /boot/config-$(uname -r) or /proc/config.gz for the setting.

🧯 If You Can't Patch

  • Restrict access to IIO device files (typically in /sys/bus/iio/devices/) to trusted users only
  • Implement kernel hardening features like KASLR and stack protection to reduce exploit impact

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and verify whether the IIO subsystem is loaded: `lsmod | grep iio` and `uname -r`

Check Version:

uname -r

Verify Fix Applied:

Verify that the kernel version is updated and that the IIO module comes from the patched kernel: `modinfo iio`

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • System crash/panic logs
  • Unexpected IIO device access

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

source="kernel" AND ("Oops" OR "panic" OR "segfault") AND process="iio"