{"id":"CVE-2025-38077","summary":"platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()\n\nIf the 'buf' array received from the user contains an empty string, the\n'length' variable will be zero. Accessing the 'buf' array element with\nindex 'length - 1' will result in a buffer overflow.\n\nAdd a check for an empty string.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.","modified":"2026-03-20T12:42:39.805340Z","published":"2025-06-18T09:33:51.986Z","related":["SUSE-SU-2025:02249-1","SUSE-SU-2025:02254-1","SUSE-SU-2025:02307-1","SUSE-SU-2025:02333-1","SUSE-SU-2025:02335-1","SUSE-SU-2025:02538-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:20475-1","SUSE-SU-2025:20483-1","SUSE-SU-2025:20493-1","SUSE-SU-2025:20498-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38077.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/4e89a4077490f52cde652d17e32519b666abf3a6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/60bd13f8c4b3de2c910ae1cdbef85b9bbc9685f5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8594a123cfa23d708582dc6fb36da34479ef8a5b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/97066373ffd55bd9af0b512ff3dd1f647620a3dc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f86465626917df3b8bdd2756ec0cc9d179c5af0f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fb7cde625872709b8cedad9b241e0ec3d82fa7d3"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38077.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38077"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e8a60aa7404bfef37705da5607c97737073ac38d"},{"fixed":"fb7cde625872709b8cedad9b241e0ec3d82fa7d3"},{"fixed":"60bd13f8c4b3de2c910ae1cdbef85b9bbc9685f5"},{"fixed":"f86465626917df3b8bdd2756ec0cc9d179c5af0f"},{"fixed":"8594a123cfa23d708582dc6fb36da34479ef8a5b"},{"fixed":"97066373ffd55bd9af0b512ff3dd1f647620a3dc"},{"fixed":"4e89a4077490f52cde652d17e32519b666abf3a6"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38077.json"}}],"schema_version":"1.7.5"}