U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2025-38386 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing As reported in [1], a platform firmware update that increased the number of method parameters and forgot to update a least one of its callers, caused ACPICA to crash due to use-after-free. Since this a result of a clear AML issue that arguably cannot be fixed up by the interpreter (it cannot produce missing data out of thin air), address it by making ACPICA refuse to evaluate a method if the caller attempts to pass fewer arguments than expected to it.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/18ff4ed6a33a7e3f2097710eacc96bea7696e803 kernel.org
https://git.kernel.org/stable/c/2219e49857ffd6aea1b1ca5214d3270f84623a16 kernel.org
https://git.kernel.org/stable/c/4305d936abde795c2ef6ba916de8f00a50f64d2d kernel.org
https://git.kernel.org/stable/c/6fcab2791543924d438e7fa49276d0998b0a069f kernel.org
https://git.kernel.org/stable/c/ab1e8491c19eb2ea0fda81ef28e841c7cb6399f5 kernel.org
https://git.kernel.org/stable/c/b49d224d1830c46e20adce2a239c454cdab426f1 kernel.org
https://git.kernel.org/stable/c/c9e4da550ae196132b990bd77ed3d8f2d9747f87 kernel.org
https://git.kernel.org/stable/c/d547779e72cea9865b732cd45393c4cd02b3598e kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2025-38386
NVD Published Date:
07/25/2025
NVD Last Modified:
07/25/2025
Source:
kernel.org