-

CVE-2025-38275

EPSS 0.03%
Veröffentlicht 10.07.2025 07:41:55
Zuletzt bearbeitet 10.07.2025 13:17:30
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug

The qmp_usb_iomap() helper function currently returns the raw result of
devm_ioremap() for non-exclusive mappings. Since devm_ioremap() may return
a NULL pointer and the caller only checks error pointers with IS_ERR(),
NULL could bypass the check and lead to an invalid dereference.

Fix the issue by checking if devm_ioremap() returns NULL. When it does,
qmp_usb_iomap() now returns an error pointer via IOMEM_ERR_PTR(-ENOMEM),
ensuring safe and consistent error handling.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 0b979a409e40457ca1b5cb48755d1f34eee58805

Version a5d6b1ac56cbd6b5850a3a54e35f1cb71e8e8cdd

Status affected

Version < 127dfb4f1c5a2b622039c5d203f321380ea36665

Version a5d6b1ac56cbd6b5850a3a54e35f1cb71e8e8cdd

Status affected

Version < 5072c1749197fc28b27d7efc0d80320d7cac9572

Version a5d6b1ac56cbd6b5850a3a54e35f1cb71e8e8cdd

Status affected

Version < 0c33117f00c8c5363c22676931b22ae5041f7603

Version a5d6b1ac56cbd6b5850a3a54e35f1cb71e8e8cdd

Status affected

Version < d14402a38c2d868cacb1facaf9be908ca6558e59

Version a5d6b1ac56cbd6b5850a3a54e35f1cb71e8e8cdd

Status affected

Version 368ea32e0ad0335bdf3180067875a928e35387c6

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.1

Status affected

Version < 6.1

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.142

Status unaffected

Version <= 6.6.*

Version 6.6.94

Status unaffected

Version <= 6.12.*

Version 6.12.34

Status unaffected

Version <= 6.15.*

Version 6.15.3

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.06

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/0b979a409e40457ca1b5cb48755d1f34eee58805

https://git.kernel.org/stable/c/127dfb4f1c5a2b622039c5d203f321380ea36665

https://git.kernel.org/stable/c/5072c1749197fc28b27d7efc0d80320d7cac9572

https://git.kernel.org/stable/c/0c33117f00c8c5363c22676931b22ae5041f7603

https://git.kernel.org/stable/c/d14402a38c2d868cacb1facaf9be908ca6558e59

https://nvd.nist.gov/vuln/detail/CVE-2025-38275

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38275

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38275

EUVD