CVE-2025-38645

MEDIUM EPSS 4.3%
Published Aug 22, 202510mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 22, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm allocation in mlx5_init_once() fails.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥5.4  –  <5.15.190
linuxlinux_kernel*≥5.16  –  <6.1.148
linuxlinux_kernel*≥6.2  –  <6.6.102
linuxlinux_kernel*≥6.7  –  <6.12.42
linuxlinux_kernel*≥6.13  –  <6.15.10
linuxlinux_kernel*≥6.16  –  <6.16.1
debiandebian_linux11.0any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/3046b011d368162b1b9ca9453eee0fea930e0a93
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4249f1307932f1b6bbb8b7eba60d82f0b7e44430
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/62d7cf455c887941ed6f105cd430ba04ee0b6c9f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/70f238c902b8c0461ae6fbb8d1a0bbddc4350eea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9053a69abfb5680c2a95292b96df5d204bc0776f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da899a1fd7c40e2e4302af1db7d0b8540fb22283
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eebb225fe6c9103293807b8edabcbad59f9589bc
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3046b011d368162b1b9ca9453eee0fea930e0a93
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4249f1307932f1b6bbb8b7eba60d82f0b7e44430
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/62d7cf455c887941ed6f105cd430ba04ee0b6c9f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/70f238c902b8c0461ae6fbb8d1a0bbddc4350eea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9053a69abfb5680c2a95292b96df5d204bc0776f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da899a1fd7c40e2e4302af1db7d0b8540fb22283
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eebb225fe6c9103293807b8edabcbad59f9589bc
    Patch