CVE-2025-38213
Detail
Rejected This CVE has been marked Rejected in the CVE List. These CVEs are stored in the NVD, but do not show up in search results by default.
Description
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Metrics
CVSS Version 4.0
CVSS Version 3.x
CVSS Version 2.0
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 2.0 Severity and Vector Strings:
NVD assessment
not yet provided.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected]
Change History
3 change records found show changes
CVE Modified by kernel.org 8/11/2025 12:15:29 PM
Action
Type
Old Value
New Value
Changed
Description
Record truncated, showing 2048 of 3998 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved:
vgacon: Add check for vc_origin address range in vgacon_scroll()
Our in-house Syzkaller reported the following BUG (twice), which we
believed was the same issue with [1]:
==================================================================
BUG: KASAN: slab-out-of-bounds in vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740
Read of size 2 at addr ffff88800f5bef60 by task syz.7.2620/12393
...
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x72/0xa0 lib/dump_stack.c:106
print_address_description.constprop.0+0x6b/0x3d0 mm/kasan/report.c:364
print_report+0xba/0x280 mm/kasan/report.c:475
kasan_report+0xa9/0xe0 mm/kasan/report.c:588
vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740
vcs_write_buf_noattr drivers/tty/vt/vc_screen.c:493 [inline]
vcs_write+0x586/0x840 drivers/tty/vt/vc_screen.c:690
vfs_write+0x219/0x960 fs/read_write.c:584
ksys_write+0x12e/0x260 fs/read_write.c:639
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x78/0xe2
...
</TASK>
Allocated by task 5614:
kasan_save_stack+0x20/0x40 mm/kasan/common.c:45
kasan_set_track+0x25/0x30 mm/kasan/common.c:52
____kasan_kmalloc mm/kasan/common.c:374 [inline]
__kasan_kmalloc+0x8f/0xa0 mm/kasan/common.c:383
kasan_kmalloc include/linux/kasan.h:201 [inline]
__do_kmalloc_node mm/slab_common.c:1007 [inline]
__kmalloc+0x62/0x140 mm/slab_common.c:1020
kmalloc include/linux/slab.h:604 [inline]
kzalloc include/linux/slab.h:721 [inline]
vc_do_resize+0x235/0xf40 drivers/tty/vt/vt.c:1193
vgacon_adjust_height+0x2d4/0x350 drivers/video/console/vgacon.c:1007
vgacon_font_set+0x1f7/0x240 drivers/video/console/vgacon.c:1031
con_font_set drivers/tty/vt/vt.c:4628 [inline]
con_font_op+0x4da/0xa20 drivers/tty/vt/vt.c:4675
vt_k_ioctl+0xa10/0xb30 drivers/tty/vt/vt_ioctl.c:474
vt_ioctl+0x14c/0x1870 drivers/tty/vt/vt_ioctl.c:752
tty_ioctl+0x655/0x1510 drivers/tty/tty_io.c:2779
vfs_i
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/2f4040a5855a59e48296f1b5a7cc0fceea3195b1
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/499b77fa1416a85fee106e60b240e912bca10cb8
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/843de5fbfe277e30fb333a7fa033b684c37829ac
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/864f9963ec6b4b76d104d595ba28110b87158003
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/9928ba7de39793a1c7c77b8b9e6ecf6209110311
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/bf9c07864765864b968e59c7b72db91130d621ca
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/e44532b1c358bfd2c4c7dc28fd01d47fef09ac70
Removed
Reference
kernel.org: https://git.kernel.org/stable/c/f20fd54af4e1077fdbca4dd98375a4d1d941e50d
CVE Rejected by kernel.org 8/11/2025 12:15:29 PM
Action
Type
Old Value
New Value
New CVE Received from kernel.org 7/04/2025 10:15:29 AM
Action
Type
Old Value
New Value
Added
Description
Record truncated, showing 2048 of 3998 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved:
vgacon: Add check for vc_origin address range in vgacon_scroll()
Our in-house Syzkaller reported the following BUG (twice), which we
believed was the same issue with [1]:
==================================================================
BUG: KASAN: slab-out-of-bounds in vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740
Read of size 2 at addr ffff88800f5bef60 by task syz.7.2620/12393
...
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x72/0xa0 lib/dump_stack.c:106
print_address_description.constprop.0+0x6b/0x3d0 mm/kasan/report.c:364
print_report+0xba/0x280 mm/kasan/report.c:475
kasan_report+0xa9/0xe0 mm/kasan/report.c:588
vcs_scr_readw+0xc2/0xd0 drivers/tty/vt/vt.c:4740
vcs_write_buf_noattr drivers/tty/vt/vc_screen.c:493 [inline]
vcs_write+0x586/0x840 drivers/tty/vt/vc_screen.c:690
vfs_write+0x219/0x960 fs/read_write.c:584
ksys_write+0x12e/0x260 fs/read_write.c:639
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x59/0x110 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x78/0xe2
...
</TASK>
Allocated by task 5614:
kasan_save_stack+0x20/0x40 mm/kasan/common.c:45
kasan_set_track+0x25/0x30 mm/kasan/common.c:52
____kasan_kmalloc mm/kasan/common.c:374 [inline]
__kasan_kmalloc+0x8f/0xa0 mm/kasan/common.c:383
kasan_kmalloc include/linux/kasan.h:201 [inline]
__do_kmalloc_node mm/slab_common.c:1007 [inline]
__kmalloc+0x62/0x140 mm/slab_common.c:1020
kmalloc include/linux/slab.h:604 [inline]
kzalloc include/linux/slab.h:721 [inline]
vc_do_resize+0x235/0xf40 drivers/tty/vt/vt.c:1193
vgacon_adjust_height+0x2d4/0x350 drivers/video/console/vgacon.c:1007
vgacon_font_set+0x1f7/0x240 drivers/video/console/vgacon.c:1031
con_font_set drivers/tty/vt/vt.c:4628 [inline]
con_font_op+0x4da/0xa20 drivers/tty/vt/vt.c:4675
vt_k_ioctl+0xa10/0xb30 drivers/tty/vt/vt_ioctl.c:474
vt_ioctl+0x14c/0x1870 drivers/tty/vt/vt_ioctl.c:752
tty_ioctl+0x655/0x1510 drivers/tty/tty_io.c:2779
vfs_i
Added
Reference
https://git.kernel.org/stable/c/2f4040a5855a59e48296f1b5a7cc0fceea3195b1
Added
Reference
https://git.kernel.org/stable/c/499b77fa1416a85fee106e60b240e912bca10cb8
Added
Reference
https://git.kernel.org/stable/c/843de5fbfe277e30fb333a7fa033b684c37829ac
Added
Reference
https://git.kernel.org/stable/c/864f9963ec6b4b76d104d595ba28110b87158003
Added
Reference
https://git.kernel.org/stable/c/9928ba7de39793a1c7c77b8b9e6ecf6209110311
Added
Reference
https://git.kernel.org/stable/c/bf9c07864765864b968e59c7b72db91130d621ca
Added
Reference
https://git.kernel.org/stable/c/e44532b1c358bfd2c4c7dc28fd01d47fef09ac70
Added
Reference
https://git.kernel.org/stable/c/f20fd54af4e1077fdbca4dd98375a4d1d941e50d
Quick Info
CVE Dictionary Entry: CVE-2025-38213 NVD
Published Date: 07/04/2025 NVD
Last Modified: 08/11/2025
Source: kernel.org
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
