SB2025070534 - NULL pointer dereference in Linux kernel x86 dell driver
Published: July 5, 2025
Security Bulletin ID
SB2025070534
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38197)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the packet_read_list() and packet_empty_list() functions in drivers/platform/x86/dell/dell_rbu.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/07d7b8e7ef7d1f812a6211ed531947c56d09e95e
- https://git.kernel.org/stable/c/32d05e6cc3a7bf6c8f16f7b7ef8fe80eca0c233e
- https://git.kernel.org/stable/c/4d71f2c1e5263a9f042faa71d59515709869dc79
- https://git.kernel.org/stable/c/5e8c658acd1b7c186aeffa46bf08795e121f401a
- https://git.kernel.org/stable/c/61ce04601e0d8265ec6d2ffa6df5a7e1bce64854
- https://git.kernel.org/stable/c/a7b477b64ef5e37cb08dd536ae07c46f9f28262e
- https://git.kernel.org/stable/c/f3b840fb1508a80cd8a0efb5c886ae1995a88b24