CVE-2025-38173

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-38173

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38173.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38173

Downstream

AZL-64520

BELL-CVE-2025-38173

CLSA-2025-1757963029

DEBIAN-CVE-2025-38173

DLA-4327-1

DLA-4328-1

DSA-5973-1

ECHO-5eb6-c1bd-a856

MGASA-2025-0218

MGASA-2025-0219

OESA-2025-2765

OESA-2025-2766

OESA-2025-2767

ROOT-OS-DEBIAN-11-CVE-2025-38173

ROOT-OS-DEBIAN-12-CVE-2025-38173

ROOT-OS-UBUNTU-2204-CVE-2025-38173

ROOT-OS-UBUNTU-2404-CVE-2025-38173

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:02996-1

SUSE-SU-2025:02997-1

SUSE-SU-2025:03011-1

SUSE-SU-2025:03023-1

SUSE-SU-2025:03204-1

SUSE-SU-2025:20577-1

SUSE-SU-2025:20586-1

SUSE-SU-2025:20601-1

SUSE-SU-2025:20602-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

openSUSE-SU-2025:20081-1

Related

Published

2025-07-03T08:36:10.969Z

Modified

2026-05-28T03:54:02.741556067Z

Summary

crypto: marvell/cesa - Handle zero-length skcipher requests

Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: marvell/cesa - Handle zero-length skcipher requests

Do not access random memory for zero-length skcipher requests. Just return 0.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38173.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f63601fd616ab370774fa00ea10bcaaa9e48e84c

Fixed

32d3e8049a8b60f18c5c39f5931bfb1130ac11c9

Fixed

c064ae2881d839709bd72d484d5f2af157f46024

Fixed

e1cc69da619588b1488689fe3535a0ba75a2b0e7

Fixed

78ea1ff6cb413a03ff6f7af4e28e24b4461a0965

Fixed

5e9666ac8b94c978690f937d59170c5237bd2c45

Fixed

7894694b5d5b2ecfd7fb081d6f60b9e169ab4d13

Fixed

c9610dda42bd382a96f97e68825cb5f66cd9e1dc

Fixed

8a4e047c6cc07676f637608a9dd675349b5de0a7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38173.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.2.0

Fixed

5.4.295

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.239

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.186

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.142

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.94

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.34

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.15.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38173.json"