CVE-2025-38296

EPSS 0.03%
Published 10.07.2025 07:42:10
Last modified 10.07.2025 13:17:30
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

ACPI: platform_profile: Avoid initializing on non-ACPI platforms

The platform profile driver is loaded even on platforms that do not have
ACPI enabled. The initialization of the sysfs entries was recently moved
from platform_profile_register() to the module init call, and those
entries need acpi_kobj to be initialized which is not the case when ACPI
is disabled.

This results in the following warning:

 WARNING: CPU: 5 PID: 1 at fs/sysfs/group.c:131 internal_create_group+0xa22/0xdd8
 Modules linked in:
 CPU: 5 UID: 0 PID: 1 Comm: swapper/0 Tainted: G        W           6.15.0-rc7-dirty #6 PREEMPT
 Tainted: [W]=WARN
 Hardware name: riscv-virtio,qemu (DT)
 epc : internal_create_group+0xa22/0xdd8
  ra : internal_create_group+0xa22/0xdd8

 Call Trace:

 internal_create_group+0xa22/0xdd8
 sysfs_create_group+0x22/0x2e
 platform_profile_init+0x74/0xb2
 do_one_initcall+0x198/0xa9e
 kernel_init_freeable+0x6d8/0x780
 kernel_init+0x28/0x24c
 ret_from_fork+0xe/0x18

Fix this by checking if ACPI is enabled before trying to create sysfs
entries.

[ rjw: Subject and changelog edits ]

Affected products Warnungen 0 Metrics 1 CWE 0 References 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < ccc3d68b92be89c30ba42ac62d2a141bd0c2b457

Version 77be5cacb2c2d8c3ddd069f0b4e9408f553af1d8

Status affected

Version < dd133162c9cff5951a692fab9811fadf46a46457

Version 77be5cacb2c2d8c3ddd069f0b4e9408f553af1d8

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 6.14

Status affected

Version < 6.14

Version 0

Status unaffected

Version <= 6.15.*

Version 6.15.3

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.062

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/ccc3d68b92be89c30ba42ac62d2a141bd0c2b457

https://git.kernel.org/stable/c/dd133162c9cff5951a692fab9811fadf46a46457

https://nvd.nist.gov/vuln/detail/CVE-2025-38296

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38296

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38296

EUVD