5.5

CVE-2025-39678

platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL

If metric table address is not allocated, accessing metrics_bin will
result in a NULL pointer dereference, so add a check.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.7 < 6.12.56
LinuxLinux Kernel Version >= 6.13 < 6.16.4
LinuxLinux Kernel Version6.17 Updaterc1
LinuxLinux Kernel Version6.17 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.04
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/d47782d5c0cb87b9826041f34505580204ccf703
Patch
https://git.kernel.org/stable/c/2c78fb287e1f430b929f2e49786518350d15605c
Patch
https://git.kernel.org/stable/c/782977c0d8ba432b6fd3d5d0d87016a523ec1c69
Patch