5.5
CVE-2025-37910
- EPSS 0.16%
- Veröffentlicht 20.05.2025 15:21:42
- Zuletzt bearbeitet 17.11.2025 14:45:58
- CVE-Watchlists
- Unerledigt
ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations On Adva boards, SMA sysfs store/get operations can call __handle_signal_outputs() or __handle_signal_inputs() while the `irig` and `dcf` pointers are uninitialized, leading to a NULL pointer dereference in __handle_signal() and causing a kernel crash. Adva boards don't use `irig` or `dcf` functionality, so add Adva-specific callbacks `ptp_ocp_sma_adva_set_outputs()` and `ptp_ocp_sma_adva_set_inputs()` that avoid invoking `irig` or `dcf` input/output routines.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.9 < 6.12.28
Linux ≫ Linux Kernel Version >= 6.13 < 6.14.6
Linux ≫ Linux Kernel Version6.15 Updaterc1
Linux ≫ Linux Kernel Version6.15 Updaterc2
Linux ≫ Linux Kernel Version6.15 Updaterc3
Linux ≫ Linux Kernel Version6.15 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.052 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/8a543d825e78b8d680d8f891381b83fbffdb0bb6
https://git.kernel.org/stable/c/5b349f9cdb4a9daa133bea267dfc0c383628387a
https://git.kernel.org/stable/c/e98386d79a23c57cf179fe4138322e277aa3aa74