CVE-2025-37910

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations On Adva boards, SMA sysfs store/get operations can call __handle_signal_outputs() or __handle_signal_inputs() while the `irig` and `dcf` pointers are uninitialized, leading to a NULL pointer dereference in __handle_signal() and causing a kernel crash. Adva boards don't use `irig` or `dcf` functionality, so add Adva-specific callbacks `ptp_ocp_sma_adva_set_outputs()` and `ptp_ocp_sma_adva_set_inputs()` that avoid invoking `irig` or `dcf` input/output routines.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/5b349f9cdb4a9daa133bea267dfc0c383628387a	Patch
https://git.kernel.org/stable/c/8a543d825e78b8d680d8f891381b83fbffdb0bb6	Patch
https://git.kernel.org/stable/c/e98386d79a23c57cf179fe4138322e277aa3aa74	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc4::::::

History

17 Nov 2025, 14:45

Type	Values Removed	Values Added
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Linux linux Kernel
CPE		cpe:2.3:o:linux:linux_kernel:6.15:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.15:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::
References	~~() https://git.kernel.org/stable/c/5b349f9cdb4a9daa133bea267dfc0c383628387a -~~	() https://git.kernel.org/stable/c/5b349f9cdb4a9daa133bea267dfc0c383628387a - Patch
References	~~() https://git.kernel.org/stable/c/8a543d825e78b8d680d8f891381b83fbffdb0bb6 -~~	() https://git.kernel.org/stable/c/8a543d825e78b8d680d8f891381b83fbffdb0bb6 - Patch
References	~~() https://git.kernel.org/stable/c/e98386d79a23c57cf179fe4138322e277aa3aa74 -~~	() https://git.kernel.org/stable/c/e98386d79a23c57cf179fe4138322e277aa3aa74 - Patch
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ptp: ocp: Corregir la desreferencia NULL en las operaciones sysfs de SMA de la placa Adva En las placas Adva, las operaciones de almacenamiento/obtención de SMA sysfs pueden llamar a __handle_signal_outputs() o __handle_signal_inputs() mientras los punteros `irig` y `dcf` no están inicializados, lo que provoca una desreferencia de puntero NULL en __handle_signal() y causa un fallo del kernel. Las placas Adva no usan la funcionalidad `irig` o `dcf`, así que añada las devoluciones de llamada específicas de Adva `ptp_ocp_sma_adva_set_outputs()` y `ptp_ocp_sma_adva_set_inputs()` que evitan invocar las rutinas de entrada/salida `irig` o `dcf`.

20 May 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-20 16:15

Updated : 2025-11-17 14:45

NVD link : CVE-2025-37910

Mitre link : CVE-2025-37910

CVE.ORG link : CVE-2025-37910

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10