-

CVE-2025-38610

EPSS 0.04%
Published 19.08.2025 17:15:39
Last modified 20.08.2025 14:40:17
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()

The get_pd_power_uw() function can crash with a NULL pointer dereference
when em_cpu_get() returns NULL. This occurs when a CPU becomes impossible
during runtime, causing get_cpu_device() to return NULL, which propagates
through em_cpu_get() and leads to a crash when em_span_cpus() dereferences
the NULL pointer.

Add a NULL check after em_cpu_get() and return 0 if unavailable,
matching the existing fallback behavior in __dtpm_cpu_setup().

[ rjw: Drop an excess empty code line ]

Affected products Warnungen 0 Metrics 1 CWE 0 References 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 27914f2b795e2b58e9506f281dcdd98fef09d3c2

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < c6ec27091cf5ac05094c1fe3a6ce914cf711a37c

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 8374ac7d69a57d737e701a851ffe980a0d27d3ad

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 27e0318f0ea69fcfa32228847debc384ade14578

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 2fd001a0075ac01dc64a28a8e21226b3d989a91d

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

Version < 46dc57406887dd02565cb264224194a6776d882b

Version eb82bace893169b319c563b7f813c58a0a5a9f76

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.16

Status affected

Version < 5.16

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.148

Status unaffected

Version <= 6.6.*

Version 6.6.102

Status unaffected

Version <= 6.12.*

Version 6.12.42

Status unaffected

Version <= 6.15.*

Version 6.15.10

Status unaffected

Version <= 6.16.*

Version 6.16.1

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/27914f2b795e2b58e9506f281dcdd98fef09d3c2

https://git.kernel.org/stable/c/27e0318f0ea69fcfa32228847debc384ade14578

https://git.kernel.org/stable/c/2fd001a0075ac01dc64a28a8e21226b3d989a91d

https://git.kernel.org/stable/c/46dc57406887dd02565cb264224194a6776d882b

https://git.kernel.org/stable/c/8374ac7d69a57d737e701a851ffe980a0d27d3ad

https://git.kernel.org/stable/c/c6ec27091cf5ac05094c1fe3a6ce914cf711a37c

https://nvd.nist.gov/vuln/detail/CVE-2025-38610

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38610

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38610

EUVD