{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38178", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "REJECTED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.992Z", "datePublished": "2025-07-04T13:37:06.717Z", "dateUpdated": "2025-07-28T04:32:02.009Z", "dateRejected": "2025-07-28T04:32:02.009Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-28T04:32:02.009Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "id": "CVE-2025-38178", "lastModified": "2025-07-28T05:15:44.407", "metrics": {}, "published": "2025-07-04T14:15:24.233", "references": [], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "kernel: EDAC/igen6: Fix NULL pointer dereference", "id": "2376369", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376369"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nEDAC/igen6: Fix NULL pointer dereference\nA kernel panic was reported with the following kernel log:\nEDAC igen6: Expected 2 mcs, but only 1 detected.\nBUG: unable to handle page fault for address: 000000000000d570\n...\nHardware name: Notebook V54x_6x_TU/V54x_6x_TU, BIOS Dasharo (coreboot+UEFI) v0.9.0 07/17/2024\nRIP: e030:ecclog_handler+0x7e/0xf0 [igen6_edac]\n...\nigen6_probe+0x2a0/0x343 [igen6_edac]\n...\nigen6_init+0xc5/0xff0 [igen6_edac]\n...\nThis issue occurred because one memory controller was disabled by\nthe BIOS but the igen6_edac driver still checked all the memory\ncontrollers, including this absent one, to identify the source of\nthe error. Accessing the null MMIO for the absent memory controller\nresulted in the oops above.\nFix this issue by reverting the configuration structure to non-const\nand updating the field 'res_cfg->num_imc' to reflect the number of\ndetected memory controllers."], "name": "CVE-2025-38178", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38178\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38178\nhttps://lore.kernel.org/linux-cve-announce/2025070407-CVE-2025-38178-8846@gregkh/T"], "threat_severity": "Moderate"}