CVE-2025-38635

MEDIUM EPSS 5.5%
Published Aug 22, 202510mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 22, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue and ensuring no resources are left allocated.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥4.17  –  <5.4.297
linuxlinux_kernel*≥5.5  –  <5.10.241
linuxlinux_kernel*≥5.11  –  <5.15.190
linuxlinux_kernel*≥5.16  –  <6.1.148
linuxlinux_kernel*≥6.2  –  <6.6.102
linuxlinux_kernel*≥6.7  –  <6.12.42
linuxlinux_kernel*≥6.13  –  <6.15.10
linuxlinux_kernel*≥6.16  –  <6.16.1
debiandebian_linux11.0any

References 11

  • git.kernel.org https://git.kernel.org/stable/c/105e8115944a9f93e9412abe7bb07ed96725adf9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/13de464f445d42738fe18c9a28bab056ba3a290a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1d92608a29251278015f57f3572bc950db7519f0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/23f564326deaafacfd7adf6104755b15216d8320
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2adc945b70c4d97e9491a6c0c9f3b217a9eecfba
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6fb19cdcf040e1dec052a9032acb66cc2ad1d43f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/77e9ad7a2d0e2a771c9e0be04b9d1639413b5f13
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7843412e5927dafbb844782c56b6380564064109
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7943ed1f05f5cb7372dca2aa227f848747a98791
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/105e8115944a9f93e9412abe7bb07ed96725adf9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/13de464f445d42738fe18c9a28bab056ba3a290a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1d92608a29251278015f57f3572bc950db7519f0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/23f564326deaafacfd7adf6104755b15216d8320
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2adc945b70c4d97e9491a6c0c9f3b217a9eecfba
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6fb19cdcf040e1dec052a9032acb66cc2ad1d43f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/77e9ad7a2d0e2a771c9e0be04b9d1639413b5f13
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7843412e5927dafbb844782c56b6380564064109
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7943ed1f05f5cb7372dca2aa227f848747a98791
    Patch