CVE-2025-38025

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-38025
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7606: check for NULL before calling sw_mode_config() Check that the sw_mode_config function pointer is not NULL before calling it. Not all buses define this callback, which resulted in a NULL pointer dereference.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/5257d80e22bf27009d6742e4c174f42cfe54e425 Patch
https://git.kernel.org/stable/c/c28ad63aa55eaadad2b1793b90bfbe7296cc03ba Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc5:*:*:*:*:*:*
History

14 Nov 2025, 17:11

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: adc: ad7606: comprobar si el puntero a la función sw_mode_config() es nulo. Compruebe que el puntero a la función sw_mode_config no sea nulo antes de llamarlo. No todos los buses definen esta función, lo que provocaba una desreferencia del puntero nulo.
First Time Linux
Linux linux Kernel
CWE CWE-476
References () https://git.kernel.org/stable/c/5257d80e22bf27009d6742e4c174f42cfe54e425 - () https://git.kernel.org/stable/c/5257d80e22bf27009d6742e4c174f42cfe54e425 - Patch
References () https://git.kernel.org/stable/c/c28ad63aa55eaadad2b1793b90bfbe7296cc03ba - () https://git.kernel.org/stable/c/c28ad63aa55eaadad2b1793b90bfbe7296cc03ba - Patch
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:6.15:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.15:rc1:*:*:*:*:*:*

18 Jun 2025, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-18 10:15

Updated : 2025-11-14 17:11

NVD link : CVE-2025-38025

Mitre link : CVE-2025-38025

CVE.ORG link : CVE-2025-38025

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference