SB2025082047 - NULL pointer dereference in Linux kernel powercap driver
Published: August 20, 2025
Security Bulletin ID
SB2025082047
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38610)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the get_pd_power_uw() function in drivers/powercap/dtpm_cpu.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/27914f2b795e2b58e9506f281dcdd98fef09d3c2
- https://git.kernel.org/stable/c/27e0318f0ea69fcfa32228847debc384ade14578
- https://git.kernel.org/stable/c/2fd001a0075ac01dc64a28a8e21226b3d989a91d
- https://git.kernel.org/stable/c/46dc57406887dd02565cb264224194a6776d882b
- https://git.kernel.org/stable/c/8374ac7d69a57d737e701a851ffe980a0d27d3ad
- https://git.kernel.org/stable/c/c6ec27091cf5ac05094c1fe3a6ce914cf711a37c