SB2025082861 - NULL pointer dereference in Linux kernel regulator driver
Published: August 28, 2025
Security Bulletin ID
SB2025082861
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the regulator_remove_coupling() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/233d3c54c9620e95193923859ea1d0b0f5d748ca
- https://git.kernel.org/stable/c/5d4261dbb3335221fd9c6e69f909ba79ee6663a7
- https://git.kernel.org/stable/c/800a2cfb2df7f96b3fb48910fc595e0215f6b019
- https://git.kernel.org/stable/c/ca46946a482238b0cdea459fb82fc837fb36260e
- https://git.kernel.org/stable/c/d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8