CVE-2025-38446

EPSS 0.03%
Published 25.07.2025 16:15:30
Last modified 29.07.2025 14:14:55
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

clk: imx: Fix an out-of-bounds access in dispmix_csr_clk_dev_data

When num_parents is 4, __clk_register() occurs an out-of-bounds
when accessing parent_names member. Use ARRAY_SIZE() instead of
hardcode number here.

 BUG: KASAN: global-out-of-bounds in __clk_register+0x1844/0x20d8
 Read of size 8 at addr ffff800086988e78 by task kworker/u24:3/59
  Hardware name: NXP i.MX95 19X19 board (DT)
  Workqueue: events_unbound deferred_probe_work_func
  Call trace:
    dump_backtrace+0x94/0xec
    show_stack+0x18/0x24
    dump_stack_lvl+0x8c/0xcc
    print_report+0x398/0x5fc
    kasan_report+0xd4/0x114
    __asan_report_load8_noabort+0x20/0x2c
    __clk_register+0x1844/0x20d8
    clk_hw_register+0x44/0x110
    __clk_hw_register_mux+0x284/0x3a8
    imx95_bc_probe+0x4f4/0xa70

Affected products Warnungen 0 Metrics 1 CWE 0 References 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < fcee75daecc5234ee3482d8cf3518bf021d8a0a5

Version 5224b189462ff70df328f173b71acfd925092c3c

Status affected

Version < a956daad67cec454ee985e103e167711fab5b9b8

Version 5224b189462ff70df328f173b71acfd925092c3c

Status affected

Version < aacc875a448d363332b9df0621dde6d3a225ea9f

Version 5224b189462ff70df328f173b71acfd925092c3c

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 6.10

Status affected

Version < 6.10

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.39

Status unaffected

Version <= 6.15.*

Version 6.15.7

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.055

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/a956daad67cec454ee985e103e167711fab5b9b8

https://git.kernel.org/stable/c/aacc875a448d363332b9df0621dde6d3a225ea9f

https://git.kernel.org/stable/c/fcee75daecc5234ee3482d8cf3518bf021d8a0a5

https://nvd.nist.gov/vuln/detail/CVE-2025-38446

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38446

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38446

EUVD