VYPR
High severity7.1NVD Advisory· Published Sep 4, 2025· Updated Jun 17, 2026

CVE-2025-38715

CVE-2025-38715

Description

In the Linux kernel, the following vulnerability has been resolved:

hfs: fix slab-out-of-bounds in hfs_bnode_read()

This patch introduces is_bnode_offset_valid() method that checks the requested offset value. Also, it introduces check_and_correct_requested_length() method that checks and correct the requested length (if it is necessary). These methods are used in hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy(), and hfs_bnode_move() with the goal to prevent the access out of allocated memory and triggering the crash.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

83

Patches

Vulnerability mechanics

References

12

News mentions

1