CVE-2025-38694
BaseFortify
Publication date: 2025-09-04
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 5.10.244 |
| linux | linux_kernel | 6.1.153 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a null pointer dereference in the Linux kernel's media dvb-frontends component, specifically in the dib7090p_rw_on_apb() function. The issue occurs because the function processes a user-controlled message (msg) without properly checking if certain buffer pointers (msg[0].buf and msg[1].buf) are null before accessing them. If msg[0].buf is null and msg[0].len is zero, the function may attempt to access msg[0].buf[2], causing a null pointer dereference and potentially crashing the system. Similar unsafe accesses happen with msg[1].buf[0] and msg[1].buf[1]. The fix involves adding checks on msg[0].len to prevent these crashes.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash due to a null pointer dereference when processing certain user-controlled inputs. Such crashes can lead to denial of service (DoS) conditions, potentially disrupting system availability and stability.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to a Linux kernel version that includes the fix for the null pointer dereference in dib7090p_rw_on_apb(). This prevents the crash caused by improper checks on msg[0].buf and msg[1].buf. Until then, avoid using affected media dvb-frontends that rely on dib7090p to reduce risk.