Unrated severityNVD Advisory· Published Jul 25, 2025· Updated Jul 28, 2025

LoongArch: KVM: Check validity of "num_cpu" from user space

CVE-2025-38366

Description

In the Linux kernel, the following vulnerability has been resolved:

The maximum supported cpu number is EIOINTC_ROUTE_MAX_VCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow.

Affected products

Linux/Linux Kernel Rtllm-fuzzy
Linux/Linuxv5
Range: 6.13

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/stable/c/a3293b4078ee93174f70f36d3ab7618554ce6ab6mitre
git.kernel.org/stable/c/cc8d5b209e09d3b52bca1ffe00045876842d96aemitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000