-

CVE-2025-38668

EPSS 0.04%
Published 22.08.2025 16:02:59
Last modified 28.08.2025 15:15:58
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: fix NULL dereference on unbind due to stale coupling data

Failing to reset coupling_desc.n_coupled after freeing coupled_rdevs can
lead to NULL pointer dereference when regulators are accessed post-unbind.

This can happen during runtime PM or other regulator operations that rely
on coupling metadata.

For example, on ridesx4, unbinding the 'reg-dummy' platform device triggers
a panic in regulator_lock_recursive() due to stale coupling state.

Ensure n_coupled is set to 0 to prevent access to invalid pointers.

Affected products Warnungen 0 Metrics 1 CWE 0 References 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 7574892e259bbb16262ebfb4b65a2054a5e03a49

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 6c49eac796681e250e34156bafb643930310bd4a

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < ca9bef9ba1a6be640c87bf802d2e9e696021576a

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 800a2cfb2df7f96b3fb48910fc595e0215f6b019

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 233d3c54c9620e95193923859ea1d0b0f5d748ca

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 5d4261dbb3335221fd9c6e69f909ba79ee6663a7

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < ca46946a482238b0cdea459fb82fc837fb36260e

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.148

Status unaffected

Version <= 6.6.*

Version 6.6.101

Status unaffected

Version <= 6.12.*

Version 6.12.41

Status unaffected

Version <= 6.15.*

Version 6.15.9

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.126

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/800a2cfb2df7f96b3fb48910fc595e0215f6b019

https://git.kernel.org/stable/c/233d3c54c9620e95193923859ea1d0b0f5d748ca

https://git.kernel.org/stable/c/5d4261dbb3335221fd9c6e69f909ba79ee6663a7

https://git.kernel.org/stable/c/d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8

https://git.kernel.org/stable/c/ca46946a482238b0cdea459fb82fc837fb36260e

https://git.kernel.org/stable/c/6c49eac796681e250e34156bafb643930310bd4a

https://git.kernel.org/stable/c/7574892e259bbb16262ebfb4b65a2054a5e03a49

https://git.kernel.org/stable/c/ca9bef9ba1a6be640c87bf802d2e9e696021576a

https://nvd.nist.gov/vuln/detail/CVE-2025-38668

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38668

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38668

EUVD