-

CVE-2025-38610

EPSS 0.04%
Veröffentlicht 19.08.2025 17:15:39
Zuletzt bearbeitet 20.08.2025 14:40:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()

The get_pd_power_uw() function can crash with a NULL pointer dereference
when em_cpu_get() returns NULL. This occurs when a CPU becomes impossible
during runtime, causing get_cpu_device() to return NULL, which propagates
through em_cpu_get() and leads to a crash when em_span_cpus() dereferences
the NULL pointer.

Add a NULL check after em_cpu_get() and return 0 if unavailable,
matching the existing fallback behavior in __dtpm_cpu_setup().

[ rjw: Drop an excess empty code line ]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 27914f2b795e2b58e9506f281dcdd98fef09d3c2

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < c6ec27091cf5ac05094c1fe3a6ce914cf711a37c

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 8374ac7d69a57d737e701a851ffe980a0d27d3ad

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 27e0318f0ea69fcfa32228847debc384ade14578

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 2fd001a0075ac01dc64a28a8e21226b3d989a91d

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 46dc57406887dd02565cb264224194a6776d882b

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.16

Status affected

Version < 5.16

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.148

Status unaffected

Version <= 6.6.*

Version 6.6.102

Status unaffected

Version <= 6.12.*

Version 6.12.42

Status unaffected

Version <= 6.15.*

Version 6.15.10

Status unaffected

Version <= 6.16.*

Version 6.16.1

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/27914f2b795e2b58e9506f281dcdd98fef09d3c2

https://git.kernel.org/stable/c/27e0318f0ea69fcfa32228847debc384ade14578

https://git.kernel.org/stable/c/2fd001a0075ac01dc64a28a8e21226b3d989a91d

https://git.kernel.org/stable/c/46dc57406887dd02565cb264224194a6776d882b

https://git.kernel.org/stable/c/8374ac7d69a57d737e701a851ffe980a0d27d3ad

https://git.kernel.org/stable/c/c6ec27091cf5ac05094c1fe3a6ce914cf711a37c

https://nvd.nist.gov/vuln/detail/CVE-2025-38610

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38610

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38610

EUVD