Main Vulnerability Database SB2025072737

SB2025072737 - NULL pointer dereference in Linux kernel ethernet renesas driver

Published: July 27, 2025

Security Bulletin ID SB2025072737

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2025-38452)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rtsn_probe() function in drivers/net/ethernet/renesas/rtsn.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/95a234f6affbf51f06338383537ab80d637bb785
https://git.kernel.org/stable/c/9f260e16b297f8134c5f90bb5a20e805ff57e853
https://git.kernel.org/stable/c/d52eb4f0e0ca9a5213b8795abbeb11a325d9b22d