CVE-2025-38668

{"id": "CVE-2025-38668", "cveTags": [], "metrics": {}, "published": "2025-08-22T16:15:42.283", "references": [{"url": "https://git.kernel.org/stable/c/233d3c54c9620e95193923859ea1d0b0f5d748ca", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5d4261dbb3335221fd9c6e69f909ba79ee6663a7", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/800a2cfb2df7f96b3fb48910fc595e0215f6b019", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ca46946a482238b0cdea459fb82fc837fb36260e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: fix NULL dereference on unbind due to stale coupling data\n\nFailing to reset coupling_desc.n_coupled after freeing coupled_rdevs can\nlead to NULL pointer dereference when regulators are accessed post-unbind.\n\nThis can happen during runtime PM or other regulator operations that rely\non coupling metadata.\n\nFor example, on ridesx4, unbinding the 'reg-dummy' platform device triggers\na panic in regulator_lock_recursive() due to stale coupling state.\n\nEnsure n_coupled is set to 0 to prevent access to invalid pointers."}], "lastModified": "2025-08-22T18:08:51.663", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}