| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025082200-CVE-2025-38668-ea82@gregkh> Date: Fri, 22 Aug 2025 18:03:05 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix NULL dereference on unbind due to stale coupling data Failing to reset coupling_desc.n_coupled after freeing coupled_rdevs can lead to NULL pointer dereference when regulators are accessed post-unbind. This can happen during runtime PM or other regulator operations that rely on coupling metadata. For example, on ridesx4, unbinding the 'reg-dummy' platform device triggers a panic in regulator_lock_recursive() due to stale coupling state. Ensure n_coupled is set to 0 to prevent access to invalid pointers. The Linux kernel CVE team has assigned CVE-2025-38668 to this issue. Affected and fixed versions =========================== Fixed in 6.1.148 with commit 800a2cfb2df7f96b3fb48910fc595e0215f6b019 Fixed in 6.6.101 with commit 233d3c54c9620e95193923859ea1d0b0f5d748ca Fixed in 6.12.41 with commit 5d4261dbb3335221fd9c6e69f909ba79ee6663a7 Fixed in 6.15.9 with commit d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8 Fixed in 6.16 with commit ca46946a482238b0cdea459fb82fc837fb36260e Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38668 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/regulator/core.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/800a2cfb2df7f96b3fb48910fc595e0215f6b019 https://git.kernel.org/stable/c/233d3c54c9620e95193923859ea1d0b0f5d748ca https://git.kernel.org/stable/c/5d4261dbb3335221fd9c6e69f909ba79ee6663a7 https://git.kernel.org/stable/c/d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8 https://git.kernel.org/stable/c/ca46946a482238b0cdea459fb82fc837fb36260e
Powered by blists - more mailing lists