5.5

CVE-2025-38668

regulator: core: fix NULL dereference on unbind due to stale coupling data

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: fix NULL dereference on unbind due to stale coupling data

Failing to reset coupling_desc.n_coupled after freeing coupled_rdevs can
lead to NULL pointer dereference when regulators are accessed post-unbind.

This can happen during runtime PM or other regulator operations that rely
on coupling metadata.

For example, on ridesx4, unbinding the 'reg-dummy' platform device triggers
a panic in regulator_lock_recursive() due to stale coupling state.

Ensure n_coupled is set to 0 to prevent access to invalid pointers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.3 < 5.4.297
LinuxLinux Kernel Version >= 5.5 < 5.10.241
LinuxLinux Kernel Version >= 5.11 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.1.148
LinuxLinux Kernel Version >= 6.2 < 6.6.101
LinuxLinux Kernel Version >= 6.7 < 6.12.41
LinuxLinux Kernel Version >= 6.13 < 6.15.9
LinuxLinux Kernel Version6.16 Updaterc1
LinuxLinux Kernel Version6.16 Updaterc2
LinuxLinux Kernel Version6.16 Updaterc3
LinuxLinux Kernel Version6.16 Updaterc4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.044
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/800a2cfb2df7f96b3fb48910fc595e0215f6b019
Patch
https://git.kernel.org/stable/c/233d3c54c9620e95193923859ea1d0b0f5d748ca
Patch
https://git.kernel.org/stable/c/5d4261dbb3335221fd9c6e69f909ba79ee6663a7
Patch
https://git.kernel.org/stable/c/d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8
Patch
https://git.kernel.org/stable/c/ca46946a482238b0cdea459fb82fc837fb36260e
Patch
https://git.kernel.org/stable/c/6c49eac796681e250e34156bafb643930310bd4a
Patch
https://git.kernel.org/stable/c/7574892e259bbb16262ebfb4b65a2054a5e03a49
Patch
https://git.kernel.org/stable/c/ca9bef9ba1a6be640c87bf802d2e9e696021576a
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory