Acknowledged
Created: Jul 9, 2025
Updated: Jul 10, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]scsi: megaraid_sas: Fix invalid node index[EOL][EOL]On a system with DRAM interleave enabled, out-of-bound access is[EOL]detected:[EOL][EOL]megaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0[EOL]------------[ cut here ]------------[EOL]UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28[EOL]index -1 is out of range for type 'cpumask *[1024]'[EOL]dump_stack_lvl+0x5d/0x80[EOL]ubsan_epilogue+0x5/0x2b[EOL]__ubsan_handle_out_of_bounds.cold+0x46/0x4b[EOL]megasas_alloc_irq_vectors+0x149/0x190 [megaraid_sas][EOL]megasas_probe_one.cold+0xa4d/0x189c [megaraid_sas][EOL]local_pci_probe+0x42/0x90[EOL]pci_device_probe+0xdc/0x290[EOL]really_probe+0xdb/0x340[EOL]__driver_probe_device+0x78/0x110[EOL]driver_probe_device+0x1f/0xa0[EOL]__driver_attach+0xba/0x1c0[EOL]bus_for_each_dev+0x8b/0xe0[EOL]bus_add_driver+0x142/0x220[EOL]driver_register+0x72/0xd0[EOL]megasas_init+0xdf/0xff0 [megaraid_sas][EOL]do_one_initcall+0x57/0x310[EOL]do_init_module+0x90/0x250[EOL]init_module_from_file+0x85/0xc0[EOL]idempotent_init_module+0x114/0x310[EOL]__x64_sys_finit_module+0x65/0xc0[EOL]do_syscall_64+0x82/0x170[EOL]entry_SYSCALL_64_after_hwframe+0x76/0x7e[EOL][EOL]Fix it accordingly.
CREATE(Triage):(User=admin) [CVE-2025-38239 (https://nvd.nist.gov/vuln/detail/CVE-2025-38239)
