5.5

CVE-2025-37784

net: ti: icss-iep: Fix possible NULL pointer dereference for perout request

In the Linux kernel, the following vulnerability has been resolved:

net: ti: icss-iep: Fix possible NULL pointer dereference for perout request

The ICSS IEP driver tracks perout and pps enable state with flags.
Currently when disabling pps and perout signals during icss_iep_exit(),
results in NULL pointer dereference for perout.

To fix the null pointer dereference issue, the icss_iep_perout_enable_hw
function can be modified to directly clear the IEP CMP registers when
disabling PPS or PEROUT, without referencing the ptp_perout_request
structure, as its contents are irrelevant in this case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.6.70 < 6.6.88
LinuxLinux Kernel Version >= 6.12.9 < 6.12.25
LinuxLinux Kernel Version >= 6.13.1 < 6.14.4
LinuxLinux Kernel Version6.13 Update-
LinuxLinux Kernel Version6.13 Updaterc6
LinuxLinux Kernel Version6.13 Updaterc7
LinuxLinux Kernel Version6.15 Updaterc1
LinuxLinux Kernel Version6.15 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.05
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/7891619d21f07a88e0275d6d43db74035aa74f69
Patch
https://git.kernel.org/stable/c/da5035d7aeadcfa44096dd34689bfed6c657f559
Patch
https://git.kernel.org/stable/c/eeec66327001421531b3fb1a2ac32efc8a2493b0
Patch
https://git.kernel.org/stable/c/7349c9e9979333abfce42da5f9025598083b59c9
Patch