CVE-2025-38559

EPSS 0.03%
Veröffentlicht 19.08.2025 17:15:32
Zuletzt bearbeitet 20.08.2025 14:40:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/intel/pmt: fix a crashlog NULL pointer access

Usage of the intel_pmt_read() for binary sysfs, requires a pcidev. The
current use of the endpoint value is only valid for telemetry endpoint
usage.

Without the ep, the crashlog usage causes the following NULL pointer
exception:

BUG: kernel NULL pointer dereference, address: 0000000000000000
Oops: Oops: 0000 [#1] SMP NOPTI
RIP: 0010:intel_pmt_read+0x3b/0x70 [pmt_class]
Code:
Call Trace:
 <TASK>
 ? sysfs_kf_bin_read+0xc0/0xe0
 kernfs_fop_read_iter+0xac/0x1a0
 vfs_read+0x26d/0x350
 ksys_read+0x6b/0xe0
 __x64_sys_read+0x1d/0x30
 x64_sys_call+0x1bc8/0x1d70
 do_syscall_64+0x6d/0x110

Augment struct intel_pmt_entry with a pointer to the pcidev to avoid
the NULL pointer exception.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 860d93bd6a21f08883711196344c353bc3936a2b

Version 045a513040cc0242d364c05c3791594e2294f32d

Status affected

Version < 18d53b543b5447478e259c96ca4688393f327c98

Version 045a513040cc0242d364c05c3791594e2294f32d

Status affected

Version < 089d05266b2caf020ac2ae2cd2be78f580268f5d

Version 045a513040cc0242d364c05c3791594e2294f32d

Status affected

Version < 54d5cd4719c5e87f33d271c9ac2e393147d934f8

Version 045a513040cc0242d364c05c3791594e2294f32d

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.12

Status affected

Version < 6.12

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.42

Status unaffected

Version <= 6.15.*

Version 6.15.10

Status unaffected

Version <= 6.16.*

Version 6.16.1

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.055

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/089d05266b2caf020ac2ae2cd2be78f580268f5d

https://git.kernel.org/stable/c/18d53b543b5447478e259c96ca4688393f327c98

https://git.kernel.org/stable/c/54d5cd4719c5e87f33d271c9ac2e393147d934f8

https://git.kernel.org/stable/c/860d93bd6a21f08883711196344c353bc3936a2b

https://nvd.nist.gov/vuln/detail/CVE-2025-38559

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38559

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38559

EUVD