CVE-2025-38138

MEDIUM EPSS 6.3%
Published Jul 3, 202512mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jul 3, 2025 12mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Add NULL check in udma_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, udma_probe() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥5.6  –  <5.10.239
linuxlinux_kernel*≥5.11  –  <5.15.186
linuxlinux_kernel*≥5.16  –  <6.1.142
linuxlinux_kernel*≥6.2  –  <6.6.94
linuxlinux_kernel*≥6.7  –  <6.12.34
linuxlinux_kernel*≥6.13  –  <6.15.3
debiandebian_linux11.0any

References 9

  • git.kernel.org https://git.kernel.org/stable/c/643db430f4cbd91dd2b63c49d62d0abb6debc13b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f133e04c62246353b8b1f0a679535c65161ebcf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b79e10050d9d1e200541d25751dd5cb8ec58483c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bc6ddff79835f71310a21645d8fcf08ec473e969
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d61d5ba5bd5b0e39e30b34dcd92946e084bca0d0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ec1ea394c40523835bbedd8fc4934b77b461b6fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fd447415e74bccd7362f760d4ea727f8e1ebfe91
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/643db430f4cbd91dd2b63c49d62d0abb6debc13b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9f133e04c62246353b8b1f0a679535c65161ebcf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b79e10050d9d1e200541d25751dd5cb8ec58483c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bc6ddff79835f71310a21645d8fcf08ec473e969
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d61d5ba5bd5b0e39e30b34dcd92946e084bca0d0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ec1ea394c40523835bbedd8fc4934b77b461b6fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fd447415e74bccd7362f760d4ea727f8e1ebfe91
    Patch