CVE-2025-37830

MEDIUM EPSS 4.6%
Published May 8, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 8, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scmi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. Add NULL check after cpufreq_cpu_get_raw() to prevent this issue.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥4.17  –  <5.15.181
linuxlinux_kernel*≥5.16  –  <6.1.136
linuxlinux_kernel*≥6.2  –  <6.6.89
linuxlinux_kernel*≥6.7  –  <6.12.26
linuxlinux_kernel*≥6.13  –  <6.14.5
linuxlinux_kernel6.15any
linuxlinux_kernel6.15any
linuxlinux_kernel6.15any
debiandebian_linux11.0any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/484d3f15cc6cbaa52541d6259778e715b2c83c54
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e3d1c1925d8e752992cd893d03d974e6807ac16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ccfadfb2562337b4f0462a86a9746a6eea89718
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd1dcfba72aac4159c1d5e17cd861e702e6c19ac
  • git.kernel.org https://git.kernel.org/stable/c/cfaca93b8fe317b7faa9af732e0ba8c9081fa018
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea834c90aa7cc80a1b456f7a91432734d5087d16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f9c5423855e3687262d881aeee5cfb3bc8577bff
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
    Mailing ListThird Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/484d3f15cc6cbaa52541d6259778e715b2c83c54
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e3d1c1925d8e752992cd893d03d974e6807ac16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ccfadfb2562337b4f0462a86a9746a6eea89718
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cfaca93b8fe317b7faa9af732e0ba8c9081fa018
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea834c90aa7cc80a1b456f7a91432734d5087d16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f9c5423855e3687262d881aeee5cfb3bc8577bff
    Patch