CVE-2025-40127

Summary

In the Linux kernel, the following vulnerability has been resolved:

hwrng: ks-sa - fix division by zero in ks_sa_rng_init

Fix division by zero in ks_sa_rng_init caused by missing clock pointer initialization. The clk_get_rate() call is performed on an uninitialized clk pointer, resulting in division by zero when calculating delay values.

Add clock initialization code before using the clock.

drivers/char/hw_random/ks-sa-rng.c | 7 +++++++ 1 file changed, 7 insertions(+)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6d01d8511dceb9cd40f72eb102b7d24f0b2e997b < 692a04a1e0cde1d80a33df0078c755cf02cd7268affected
LinuxLinux6d01d8511dceb9cd40f72eb102b7d24f0b2e997b < d76b099011fa056950f63d05ebb6160991242f6aaffected
LinuxLinux6d01d8511dceb9cd40f72eb102b7d24f0b2e997b < eec7e0e19c1fa75dc65e25aa6a21ef24a03849afaffected
LinuxLinux6d01d8511dceb9cd40f72eb102b7d24f0b2e997b < f4238064379a91e71a9c258996acac43c50c2094affected
LinuxLinux6d01d8511dceb9cd40f72eb102b7d24f0b2e997b < 2b6bcce32cb5aff84588a844a4d3f6dd5353b8e2affected
LinuxLinux6d01d8511dceb9cd40f72eb102b7d24f0b2e997b < 55a70e1de75e5ff5f961c79a2cdc6a4468cc2bf2affected
LinuxLinux6d01d8511dceb9cd40f72eb102b7d24f0b2e997b < 612b1dfeb414dfa780a6316014ceddf9a74ff5c0affected
LinuxLinux5.5affected
LinuxLinux0 < 5.5unaffected
LinuxLinux5.10.246 <= 5.10.*unaffected
LinuxLinux5.15.195 <= 5.15.*unaffected
LinuxLinux6.1.156 <= 6.1.*unaffected
LinuxLinux6.6.112 <= 6.6.*unaffected
LinuxLinux6.12.53 <= 6.12.*unaffected
LinuxLinux6.17.3 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References