-

CVE-2025-38487

EPSS 0.09%
Veröffentlicht 28.07.2025 11:21:51
Zuletzt bearbeitet 03.11.2025 18:16:25
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled

Mitigate e.g. the following:

    # echo 1e789080.lpc-snoop > /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind
    ...
    [  120.363594] Unable to handle kernel NULL pointer dereference at virtual address 00000004 when write
    [  120.373866] [00000004] *pgd=00000000
    [  120.377910] Internal error: Oops: 805 [#1] SMP ARM
    [  120.383306] CPU: 1 UID: 0 PID: 315 Comm: sh Not tainted 6.15.0-rc1-00009-g926217bc7d7d-dirty #20 NONE
    ...
    [  120.679543] Call trace:
    [  120.679559]  misc_deregister from aspeed_lpc_snoop_remove+0x84/0xac
    [  120.692462]  aspeed_lpc_snoop_remove from platform_remove+0x28/0x38
    [  120.700996]  platform_remove from device_release_driver_internal+0x188/0x200
    ...

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 13

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 62e51f51d97477ea4e78c82e7076a171dac86c75

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

Version < 9e1d2b97f5e2a36a2fd30a8bd30ead9dac5e3a51

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

Version < 166afe964e8433d52c641f5d1c09102bacee9a92

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

Version < dc5598482e2d3b234f6d72d6f5568e24f603e51a

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

Version < 329a80adc0e5f815d0514a6d403aaaf0995cd9be

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

Version < b361598b7352f02456619a6105c7da952ef69f8f

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

Version < ac10ed9862104936a412f8b475c869e99f048448

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

Version < 56448e78a6bb4e1a8528a0e2efe94eff0400c247

Version 9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.13

Status affected

Version < 4.13

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.147

Status unaffected

Version <= 6.6.*

Version 6.6.100

Status unaffected

Version <= 6.12.*

Version 6.12.40

Status unaffected

Version <= 6.15.*

Version 6.15.8

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.251

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/dc5598482e2d3b234f6d72d6f5568e24f603e51a

https://git.kernel.org/stable/c/329a80adc0e5f815d0514a6d403aaaf0995cd9be

https://git.kernel.org/stable/c/b361598b7352f02456619a6105c7da952ef69f8f

https://git.kernel.org/stable/c/ac10ed9862104936a412f8b475c869e99f048448

https://git.kernel.org/stable/c/56448e78a6bb4e1a8528a0e2efe94eff0400c247

https://git.kernel.org/stable/c/166afe964e8433d52c641f5d1c09102bacee9a92

https://git.kernel.org/stable/c/62e51f51d97477ea4e78c82e7076a171dac86c75

https://git.kernel.org/stable/c/9e1d2b97f5e2a36a2fd30a8bd30ead9dac5e3a51

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

https://nvd.nist.gov/vuln/detail/CVE-2025-38487

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38487

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38487

EUVD