Main Vulnerability Database SB2025082066

SB2025082066 - NULL pointer dereference in Linux kernel intel pmt driver

Published: August 20, 2025

Security Bulletin ID SB2025082066

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2025-38559)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the intel_pmt_read() and intel_pmt_populate_entry() functions in drivers/platform/x86/intel/pmt/class.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/089d05266b2caf020ac2ae2cd2be78f580268f5d
https://git.kernel.org/stable/c/18d53b543b5447478e259c96ca4688393f327c98
https://git.kernel.org/stable/c/54d5cd4719c5e87f33d271c9ac2e393147d934f8
https://git.kernel.org/stable/c/860d93bd6a21f08883711196344c353bc3936a2b