CVE-2025-37841

MEDIUM EPSS 14.1%
Published May 9, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 9, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc returns NULL due to low memory, 'config' pointer can be NULL. Add a check to prevent NULL dereference.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel* <5.4.293
linuxlinux_kernel*≥5.5  –  <5.10.237
linuxlinux_kernel*≥5.11  –  <5.15.181
linuxlinux_kernel*≥5.16  –  <6.1.135
linuxlinux_kernel*≥6.2  –  <6.6.88
linuxlinux_kernel*≥6.7  –  <6.12.24
linuxlinux_kernel*≥6.13  –  <6.13.12
linuxlinux_kernel*≥6.14  –  <6.14.3
debiandebian_linux11.0any

References 11

  • git.kernel.org https://git.kernel.org/stable/c/0e297a02e03dceb2874789ca40bd4e65c5371704
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/208baa3ec9043a664d9acfb8174b332e6b17fb69
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/34a9394794b0f97af6afedc0c9ee2012c24b28ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5e38122aa3fd0f9788186e86a677925bfec0b2d1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79bded9d70142d2a11d931fc029afece471641db
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87b9f0867c0afa7e892f4b30c36cff6bf2707f85
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/942a4b97fc77516678b1d8af1521ff9a94c13b3e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ceec06f464d5cfc0ba966225f7d50506ceb62242
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f8d28fa305b78c5d1073b63f26db265ba8291ae1
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
    Mailing List
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
    Mailing List

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0e297a02e03dceb2874789ca40bd4e65c5371704
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/208baa3ec9043a664d9acfb8174b332e6b17fb69
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/34a9394794b0f97af6afedc0c9ee2012c24b28ed
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5e38122aa3fd0f9788186e86a677925bfec0b2d1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79bded9d70142d2a11d931fc029afece471641db
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/87b9f0867c0afa7e892f4b30c36cff6bf2707f85
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/942a4b97fc77516678b1d8af1521ff9a94c13b3e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ceec06f464d5cfc0ba966225f7d50506ceb62242
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f8d28fa305b78c5d1073b63f26db265ba8291ae1
    Patch