CVE-2025-38519 (GCVE-0-2025-38519)
Vulnerability from cvelistv5
Published
2025-08-16 10:55
Modified
2025-08-16 10:55
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: mm/damon: fix divide by zero in damon_get_intervals_score() The current implementation allows having zero size regions with no special reasons, but damon_get_intervals_score() gets crashed by divide by zero when the region size is zero. [ 29.403950] Oops: divide error: 0000 [#1] SMP NOPTI This patch fixes the bug, but does not disallow zero size regions to keep the backward compatibility since disallowing zero size regions might be a breaking change for some users. In addition, the same crash can happen when intervals_goal.access_bp is zero so this should be fixed in stable trees as well.
Impacted products
Vendor Product Version
Linux Linux Version: f04b0fedbe714f822bd066b319a60faa39a985a1
Version: f04b0fedbe714f822bd066b319a60faa39a985a1
Create a notification for this product.
   Linux Linux Version: 6.15
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/damon/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ca4bb9ac706f05ead8ac1cce7b8245fc0645a687",
              "status": "affected",
              "version": "f04b0fedbe714f822bd066b319a60faa39a985a1",
              "versionType": "git"
            },
            {
              "lessThan": "bd225b9591442065beb876da72656f4a2d627d03",
              "status": "affected",
              "version": "f04b0fedbe714f822bd066b319a60faa39a985a1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/damon/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.15"
            },
            {
              "lessThan": "6.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.7",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon: fix divide by zero in damon_get_intervals_score()\n\nThe current implementation allows having zero size regions with no special\nreasons, but damon_get_intervals_score() gets crashed by divide by zero\nwhen the region size is zero.\n\n  [   29.403950] Oops: divide error: 0000 [#1] SMP NOPTI\n\nThis patch fixes the bug, but does not disallow zero size regions to keep\nthe backward compatibility since disallowing zero size regions might be a\nbreaking change for some users.\n\nIn addition, the same crash can happen when intervals_goal.access_bp is\nzero so this should be fixed in stable trees as well."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-16T10:55:06.083Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ca4bb9ac706f05ead8ac1cce7b8245fc0645a687"
        },
        {
          "url": "https://git.kernel.org/stable/c/bd225b9591442065beb876da72656f4a2d627d03"
        }
      ],
      "title": "mm/damon: fix divide by zero in damon_get_intervals_score()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38519",
    "datePublished": "2025-08-16T10:55:06.083Z",
    "dateReserved": "2025-04-16T04:51:24.023Z",
    "dateUpdated": "2025-08-16T10:55:06.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-38519\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-08-16T11:15:45.160\",\"lastModified\":\"2025-08-18T20:16:28.750\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmm/damon: fix divide by zero in damon_get_intervals_score()\\n\\nThe current implementation allows having zero size regions with no special\\nreasons, but damon_get_intervals_score() gets crashed by divide by zero\\nwhen the region size is zero.\\n\\n  [   29.403950] Oops: divide error: 0000 [#1] SMP NOPTI\\n\\nThis patch fixes the bug, but does not disallow zero size regions to keep\\nthe backward compatibility since disallowing zero size regions might be a\\nbreaking change for some users.\\n\\nIn addition, the same crash can happen when intervals_goal.access_bp is\\nzero so this should be fixed in stable trees as well.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/damon: correcci\u00f3n de divisi\u00f3n por cero en damon_get_intervals_score() La implementaci\u00f3n actual permite tener regiones de tama\u00f1o cero sin razones especiales, pero damon_get_intervals_score() se bloquea por divisi\u00f3n por cero cuando el tama\u00f1o de la regi\u00f3n es cero. [ 29.403950] Oops: error de divisi\u00f3n: 0000 [#1] SMP NOPTI Este parche corrige el error, pero no deshabilita las regiones de tama\u00f1o cero para mantener la compatibilidad con versiones anteriores, ya que deshabilitar las regiones de tama\u00f1o cero podr\u00eda ser un cambio importante para algunos usuarios. Adem\u00e1s, el mismo bloqueo puede ocurrir cuando intervals_goal.access_bp es cero, por lo que esto tambi\u00e9n deber\u00eda corregirse en los \u00e1rboles estables.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/bd225b9591442065beb876da72656f4a2d627d03\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ca4bb9ac706f05ead8ac1cce7b8245fc0645a687\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…