Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-38113— ACPI: CPPC: Fix NULL pointer dereference when nosmp is used

EPSS 0.10% · P27
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-38113

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
ACPI: CPPC: Fix NULL pointer dereference when nosmp is used
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpc_desc_ptr NULL. CPU0's iteration via for_each_possible_cpu() dereferences these NULL pointers, causing panic. Panic backtrace: [ 0.401123] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000b8 ... [ 0.403255] [<ffffffff809a5818>] cppc_allow_fast_switch+0x6a/0xd4 ... Kernel panic - not syncing: Attempted to kill init! [ rjw: New subject ]
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于ACPI CPPC在nosmp模式下未检查空指针,可能导致空指针取消引用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 3cc30dd00a580ca0c9c0b01639841cfd72d10129 ~ 356d09c7f5bf525086002a34f8bae40b134d1611 -
LinuxLinux 5.19 -

II. Public POCs for CVE-2025-38113

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-38113

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-07-03 · 78 CVEs total

CVE-2025-38129page_pool: Fix use-after-free in page_pool_recycle_in_ring
CVE-2025-38128Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands
CVE-2025-38114e1000: Move cancel_work_sync to avoid deadlock
CVE-2025-38127ice: fix Tx scheduler error handling in XDP callback
CVE-2025-38125net: stmmac: make sure that ptp_rate is not 0 before configuring EST
CVE-2025-38126net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping
CVE-2025-38130drm/connector: only call HDMI audio helper plugged cb if non-null
CVE-2025-38131coresight: prevent deactivate active config while enabling the config
CVE-2025-38132coresight: holding cscfg_csdev_lock while removing cscfg from csdev
CVE-2025-38133iio: adc: ad4851: fix ad4858 chan pointer handling
CVE-2025-38124net: fix udp gso skb_segment after pull from frag_list
CVE-2025-38122gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO
CVE-2025-38123net: wwan: t7xx: Fix napi rx poll issue
CVE-2025-38121wifi: iwlwifi: mld: avoid panic on init failure
CVE-2025-38119scsi: core: ufs: Fix a hang in the error handler
CVE-2025-38120netfilter: nf_set_pipapo_avx2: fix initial map fill
CVE-2025-38118Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
CVE-2025-38117Bluetooth: MGMT: Protect mgmt_pending list with its own lock
CVE-2025-38115net_sched: sch_sfq: fix a potential crash on gso_skb handling
CVE-2025-38116wifi: ath12k: fix uaf in ath12k_core_init()

Showing top 20 of 78 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-38113

No comments yet

Leave a comment