CVE-2025-37910

Published: May 20, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations On Adva boards, SMA sysfs store/get operations can call __handle_signal_outputs() or __handle_signal_inputs() while the `irig` and `dcf` pointers are uninitialized, leading to a NULL pointer dereference in __handle_signal() and causing a kernel crash. Adva boards don't use `irig` or `dcf` functionality, so add Adva-specific callbacks `ptp_ocp_sma_adva_set_outputs()` and `ptp_ocp_sma_adva_set_inputs()` that avoid invoking `irig` or `dcf` input/output routines.

Vendor	Product	Versions
Linux	Linux	affected `ef61f5528fca6c3bbb2f8bc002fd1949c9d1f9b9 - < 8a543d825e78b8d680d8f891381b83fbffdb0bb6` affected `ef61f5528fca6c3bbb2f8bc002fd1949c9d1f9b9 - < 5b349f9cdb4a9daa133bea267dfc0c383628387a` affected `ef61f5528fca6c3bbb2f8bc002fd1949c9d1f9b9 - < e98386d79a23c57cf179fe4138322e277aa3aa74`
Linux	Linux	affected `6.9` unaffected `0 - < 6.9` unaffected `6.12.28 - <= 6.12.` unaffected `6.14.6 - <= 6.14.` unaffected `6.15 - <= *`

References

https://git.kernel.org/stable/c/8a543d825e78b8d680d8f891381b83fbffdb0bb6

https://git.kernel.org/stable/c/5b349f9cdb4a9daa133bea267dfc0c383628387a

https://git.kernel.org/stable/c/e98386d79a23c57cf179fe4138322e277aa3aa74

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-37910

Description

Affected Products

References