CVE-2025-38519 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-38519 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: mm/damon: fix divide by zero in damon_get_intervals_score() The current implementation allows having zero size regions with no special reasons, but damon_get_intervals_score() gets crashed by divide by zero when the region size is zero. [ 29.403950] Oops: divide error: 0000 [#1] SMP NOPTI This patch fixes the bug, but does not disallow zero size regions to keep the backward compatibility since disallowing zero size regions might be a breaking change for some users. In addition, the same crash can happen when intervals_goal.access_bp is zero so this should be fixed in stable trees as well.

EPSS 0.02% · 5.2th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.02%

5.2th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	6.16, 6.15, 6.15
Linux	Linux	f04b0fedbe714f822bd066b319a60faa39a985a1, 6.15, 0

Timeline

Aug 16, 2025 EPSS Score
Aug 16, 2025 CVE Published
Aug 24, 2025 EPSS Score
Aug 31, 2025 EPSS Score
Sep 8, 2025 EPSS Score
Sep 15, 2025 EPSS Score
Sep 23, 2025 EPSS Score
Oct 1, 2025 EPSS Score
Oct 8, 2025 EPSS Score
Oct 12, 2025 PoC Published
Oct 16, 2025 EPSS Score
Oct 24, 2025 EPSS Score

References

Open in Interactive Console →