SB2025082060 - NULL pointer dereference in Linux kernel clk xilinx driver
Published: August 20, 2025
Security Bulletin ID
SB2025082060
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38583)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xvcu_unregister_clock_provider() function in drivers/clk/xilinx/xlnx_vcu.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3b0abc443ac22f7d4f61ddbbbbc5dbb06c87139d
- https://git.kernel.org/stable/c/51990eecf22f446550befdfd1a9f54147eafd636
- https://git.kernel.org/stable/c/86124c5cfceb5ac04d2fddbf1b6f7147332d96a3
- https://git.kernel.org/stable/c/88bd875b7f9c3652c27d6e4bb7a23701b764f762
- https://git.kernel.org/stable/c/a72b1c2d3b53e088bfaeb593949ff6fbd2cbe8ed
- https://git.kernel.org/stable/c/f1a1be99d5ae53d3b404415f1665eb59e8e02a8c