CVE-2025-37831

Summary

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()

cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6286bbb40576ffadfde206c332b61345c19af57f < 1053dcf8a504d4933bb3f73df22bc363298d194baffected
LinuxLinux6286bbb40576ffadfde206c332b61345c19af57f < fbdba5f37413dbc09d82ad7235e5b7a2fb8e0f75affected
LinuxLinux6286bbb40576ffadfde206c332b61345c19af57f < 01e86ea22610d98ae6141e428019a6916e79f725affected
LinuxLinux6286bbb40576ffadfde206c332b61345c19af57f < 9992649f6786921873a9b89dafa5e04d8c5fef2baffected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.6.89 <= 6.6.*unaffected
LinuxLinux6.12.26 <= 6.12.*unaffected
LinuxLinux6.14.5 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References