CVE-2025-38135

MEDIUM EPSS 6.8%
Published Jul 3, 202512mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jul 3, 2025 12mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: serial: Fix potential null-ptr-deref in mlb_usio_probe() devm_ioremap() can return NULL on error. Currently, mlb_usio_probe() does not check for this case, which could result in a NULL pointer dereference. Add NULL check after devm_ioremap() to prevent this issue.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥5.2  –  <5.4.295
linuxlinux_kernel*≥5.5  –  <5.10.239
linuxlinux_kernel*≥5.11  –  <5.15.186
linuxlinux_kernel*≥5.16  –  <6.1.142
linuxlinux_kernel*≥6.2  –  <6.6.94
linuxlinux_kernel*≥6.7  –  <6.12.34
linuxlinux_kernel*≥6.13  –  <6.15.3
debiandebian_linux11.0any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/19fd9f5a69363d33079097d866eb6082d61bf31d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/548b0e81b9a0902a8bc8259430ed965663baadfc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/81159a6b064142b993f2f39828b77e199c77872a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86bcae88c9209e334b2f8c252f4cc66beb261886
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a05ebe384c7ca75476453f3070c67d9cf1d1a89f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a6c7c365734cd0fa1c5aa225a6294fdf80cad2ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c23d87b43f7dba5eb12820f6cf21a1cd4f63eb3d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e1b144aebe6fb898d96ced8c990d7aa38fda4a7a
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/19fd9f5a69363d33079097d866eb6082d61bf31d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/548b0e81b9a0902a8bc8259430ed965663baadfc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/81159a6b064142b993f2f39828b77e199c77872a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86bcae88c9209e334b2f8c252f4cc66beb261886
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a05ebe384c7ca75476453f3070c67d9cf1d1a89f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a6c7c365734cd0fa1c5aa225a6294fdf80cad2ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c23d87b43f7dba5eb12820f6cf21a1cd4f63eb3d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e1b144aebe6fb898d96ced8c990d7aa38fda4a7a
    Patch