-

CVE-2025-38630

EPSS 0.05%
Published 22.08.2025 16:00:38
Last modified 28.08.2025 15:15:56
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref

fb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot
allocate a struct fb_modelist.  If that happens, the modelist stays empty but
the driver continues to register.  Add a check for its return value to prevent
poteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 ("fbdev:
Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var").

Affected products Warnungen 0 Metrics 1 CWE 0 References 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 69373502c2b5d364842c702c941d1171e4f35a7c

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < f00c29e6755ead56baf2a9c1d3c4c0bb40af3612

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < cca8f5a3991916729b39d797d01499c335137319

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < ac16154cccda8be10ee3ae188f10a06f3890bc5d

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < 4b5d36cc3014986e6fac12eaa8433fe56801d4ce

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < 40f0a51f6c54d46a94b9f1180339ede7ca7ee190

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < 49377bac9e3bec1635065a033c9679214fe7593e

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < f060441c153495750804133555cf0a211a856892

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

Version < da11e6a30e0bb8e911288bdc443b3dc8f6a7cac7

Version 1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 3.11

Status affected

Version < 3.11

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.148

Status unaffected

Version <= 6.6.*

Version 6.6.102

Status unaffected

Version <= 6.12.*

Version 6.12.42

Status unaffected

Version <= 6.15.*

Version 6.15.10

Status unaffected

Version <= 6.16.*

Version 6.16.1

Status unaffected

Version <= *

Version 6.17-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.142

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/ac16154cccda8be10ee3ae188f10a06f3890bc5d

https://git.kernel.org/stable/c/4b5d36cc3014986e6fac12eaa8433fe56801d4ce

https://git.kernel.org/stable/c/40f0a51f6c54d46a94b9f1180339ede7ca7ee190

https://git.kernel.org/stable/c/49377bac9e3bec1635065a033c9679214fe7593e

https://git.kernel.org/stable/c/f060441c153495750804133555cf0a211a856892

https://git.kernel.org/stable/c/da11e6a30e0bb8e911288bdc443b3dc8f6a7cac7

https://git.kernel.org/stable/c/69373502c2b5d364842c702c941d1171e4f35a7c

https://git.kernel.org/stable/c/cca8f5a3991916729b39d797d01499c335137319

https://git.kernel.org/stable/c/f00c29e6755ead56baf2a9c1d3c4c0bb40af3612

https://nvd.nist.gov/vuln/detail/CVE-2025-38630

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38630

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38630

EUVD