CVE-2025-38679

7.1 HIGH

📋 TL;DR

A Linux kernel vulnerability in the Venus media driver allows out-of-bounds memory reads when processing firmware messages. This could lead to kernel crashes or information disclosure. Systems using affected Linux kernel versions with Venus driver enabled are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with Venus media driver
Versions: Kernel versions containing the vulnerable code before the fix commits
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when Venus media driver is loaded and processing firmware messages.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash, or information disclosure from kernel memory that could aid further exploitation.

🟠 Likely Case

System instability or crashes when processing malformed firmware messages, potentially causing denial of service.

🟢 If Mitigated

No impact if the driver is not used or firmware is from trusted sources.

🌐 Internet-Facing: LOW - Requires local access or ability to influence firmware messages.
🏢 Internal Only: MEDIUM - Could be exploited by malicious firmware or local users with driver access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to influence firmware messages or driver input.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the fix commits listed in references

Vendor Advisory: https://git.kernel.org/stable/c/06d6770ff0d8cc8dfd392329a8cc03e2a83e7289

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load new kernel.

🔧 Temporary Workarounds

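Disable Venus driver

Prevent loading of the vulnerable Venus media driver modules (Linux, run as root):

# The mainline driver is built as venus_core, venus_dec and venus_enc; there is no module named "venus"
printf 'blacklist %s\n' venus_core venus_dec venus_enc >> /etc/modprobe.d/blacklist-venus.conf
rmmod venus_dec venus_enc venus_core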

🧯 If You Can't Patch

  • Restrict firmware updates to trusted sources only
  • Monitor system logs for kernel crashes or unusual driver behavior

🔍 How to Verify

Check if Vulnerable:

Check if Venus driver is loaded: lsmod | grep venus

Check Version:

uname -r

Verify Fix Applied:

Check that the running kernel version includes the fix commits, or verify the Venus driver version.
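
The loaded-module check and the blacklist workaround can be combined into one exposure triage. The script below is an added example, not part of the original advisory or the kernel project; it assumes the driver is built as the loadable modules venus_core, venus_dec and venus_enc, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: triage for the Venus driver workaround.
# Assumption: the driver is built as modules venus_core, venus_dec, venus_enc.

# venus_loaded [FILE]: print Venus modules listed in a /proc/modules-format file.
# Matching on the first field avoids hits on unrelated modules that only list
# a Venus module in their "used by" column (a plain grep would match those).
venus_loaded() {
    awk '$1 ~ /^venus_(core|dec|enc)$/ { print $1 }' "${1:-/proc/modules}" | sort
}

# venus_unblocked [DIR]: print Venus modules that have no "blacklist" line
# in any *.conf file under a modprobe.d-style directory.
venus_unblocked() {
    dir=${1:-/etc/modprobe.d}
    for m in venus_core venus_dec venus_enc; do
        # modprobe treats '-' and '_' in module names as equivalent
        pat=$(printf '%s' "$m" | sed 's/_/[-_]/g')
        cat "$dir"/*.conf 2>/dev/null |
            grep -Eq "^[[:space:]]*blacklist[[:space:]]+$pat[[:space:]]*(#.*)?$" ||
            echo "$m"
    done
}

# venus_triage [MODFILE] [DIR]: print a verdict.
# Returns 2 if a Venus module is loaded, 1 if none is loaded but at least one
# is not blacklisted, 0 if nothing is loaded and all three are blacklisted.
venus_triage() {
    loaded=$(venus_loaded "$1")
    open=$(venus_unblocked "$2")
    if [ -n "$loaded" ]; then
        echo "EXPOSED, loaded:" $loaded
        return 2
    elif [ -n "$open" ]; then
        echo "NOT LOADED, but not blacklisted:" $open
        return 1
    fi
    echo "MITIGATED: no Venus module loaded, all three blacklisted"
    return 0
}
```

Sourced and called as `venus_triage` with no arguments, it reads /proc/modules and /etc/modprobe.d. A blacklist entry only stops alias-based autoloading, so a return of 0 does not cover a driver compiled into the kernel or an explicit modprobe.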

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • OOM killer activity
  • Driver crash logs

Network Indicators:

  • None - local vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "venus")

🔗 References
