AZL-66794 CVE-2025-38685 affecting package kernel for versions less than 6.6.104.2-1

🗓️ 04 Sep 2025 16:15:36Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Fixes out-of-bounds write in fast_imageblit during framebuffer mapping when console resize fails.

Reporter	Title	Published	Views	Family All 296
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1186)	15 Sep 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2025-1208)	30 Sep 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-089 (ALASKERNEL-5.15-2025-089)	16 Sep 202500:00	–	nessus
Tenable Nessus	Debian dla-4328 : linux-config-6.1 - security update	13 Oct 202500:00	–	nessus
Tenable Nessus	Debian dsa-6009 : affs-modules-6.1.0-37-4kc-malta-di - security update	22 Sep 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2464)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2483)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2501)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2522)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2025-2609)	31 Dec 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-38685

21 Apr 2026 04:37Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.17.8

EPSS0.00024

linux kernel framebuffer device fast image blit console resize out of bounds screen update io control