#VU114512 NULL pointer dereference in Linux kernel - CVE-2025-38668
Published: August 28, 2025
Vulnerability identifier: #VU114512
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-38668
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the regulator_remove_coupling() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/233d3c54c9620e95193923859ea1d0b0f5d748ca
- https://git.kernel.org/stable/c/5d4261dbb3335221fd9c6e69f909ba79ee6663a7
- https://git.kernel.org/stable/c/800a2cfb2df7f96b3fb48910fc595e0215f6b019
- https://git.kernel.org/stable/c/ca46946a482238b0cdea459fb82fc837fb36260e
- https://git.kernel.org/stable/c/d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8