Bug 2379200 (CVE-2025-38301) - CVE-2025-38301 kernel: nvmem: zynqmp_nvmem: unbreak driver after cleanup
Summary: CVE-2025-38301 kernel: nvmem: zynqmp_nvmem: unbreak driver after cleanup
Keywords:
Status: NEW
Alias: CVE-2025-38301
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-07-10 08:03 UTC by OSIDB Bzimport
Modified: 2025-07-11 09:17 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2025-07-10 08:03:17 UTC
In the Linux kernel, the following vulnerability has been resolved:

nvmem: zynqmp_nvmem: unbreak driver after cleanup

Commit 29be47fcd6a0 ("nvmem: zynqmp_nvmem: zynqmp_nvmem_probe cleanup")
changed the driver to expect the device pointer to be passed as the
"context", but in nvmem the context parameter comes from nvmem_config.priv
which is never set - Leading to null pointer exceptions when the device is
accessed.

Comment 1 Avinash Hanwate 2025-07-11 09:15:50 UTC
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025071013-CVE-2025-38301-694f@gregkh/T


Note You need to log in before you can comment on or make changes to this bug.