Acknowledged
Created: Jul 11, 2025
Updated: Jul 14, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]software node: Correct a OOB check in software_node_get_reference_args()[EOL][EOL]software_node_get_reference_args() wants to get @index-th element, so[EOL]the property value requires at least '(index + 1) * sizeof(*ref)' bytes[EOL]but that can not be guaranteed by current OOB check, and may cause OOB[EOL]for malformed property.[EOL][EOL]Fix by using as OOB check '((index + 1) * sizeof(*ref) > prop->length)'.
CREATE(Triage):(User=admin) [CVE-2025-38342 (https://nvd.nist.gov/vuln/detail/CVE-2025-38342)
