CVE-2025-38583

Summary

In the Linux kernel, the following vulnerability has been resolved:

clk: xilinx: vcu: unregister pll_post only if registered correctly

If registration of pll_post is failed, it will be set to NULL or ERR, unregistering same will fail with following call trace:

Unable to handle kernel NULL pointer dereference at virtual address 008 pc : clk_hw_unregister+0xc/0x20 lr : clk_hw_unregister_fixed_factor+0x18/0x30 sp : ffff800011923850 … Call trace: clk_hw_unregister+0xc/0x20 clk_hw_unregister_fixed_factor+0x18/0x30 xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu] xvcu_probe+0x2bc/0x53c [xlnx_vcu]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4472e1849db7f719bbf625890096e0269b5849fe < 7e903da71f8bec4beb7c06707900e1ed8db843caaffected
LinuxLinux4472e1849db7f719bbf625890096e0269b5849fe < 88bd875b7f9c3652c27d6e4bb7a23701b764f762affected
LinuxLinux4472e1849db7f719bbf625890096e0269b5849fe < 51990eecf22f446550befdfd1a9f54147eafd636affected
LinuxLinux4472e1849db7f719bbf625890096e0269b5849fe < f1a1be99d5ae53d3b404415f1665eb59e8e02a8caffected
LinuxLinux4472e1849db7f719bbf625890096e0269b5849fe < 86124c5cfceb5ac04d2fddbf1b6f7147332d96a3affected
LinuxLinux4472e1849db7f719bbf625890096e0269b5849fe < a72b1c2d3b53e088bfaeb593949ff6fbd2cbe8edaffected
LinuxLinux4472e1849db7f719bbf625890096e0269b5849fe < 3b0abc443ac22f7d4f61ddbbbbc5dbb06c87139daffected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.190 <= 5.15.*unaffected
LinuxLinux6.1.148 <= 6.1.*unaffected
LinuxLinux6.6.102 <= 6.6.*unaffected
LinuxLinux6.12.42 <= 6.12.*unaffected
LinuxLinux6.15.10 <= 6.15.*unaffected
LinuxLinux6.16.1 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References