{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-38145","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T04:51:23.988Z","datePublished":"2025-07-03T08:35:51.566Z","dateUpdated":"2026-05-11T21:22:07.974Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:22:07.974Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\naspeed_lpc_enable_snoop() does not check for this case, which results in a\nNULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.\n\n[arj: Fix Fixes: tag to use subject from 3772e5da4454]"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/soc/aspeed/aspeed-lpc-snoop.c"],"versions":[{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"2beee9cf833374550e673d428ad8b6ab37c175b3","status":"affected","versionType":"git"},{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"c550999f939b529d28a914d5034cc4290066aea6","status":"affected","versionType":"git"},{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"1fd889c145722579aa038c31cbc07cfdd4d75166","status":"affected","versionType":"git"},{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"d62a589eaaec6385e3e2b25cf5a28b4560ace93f","status":"affected","versionType":"git"},{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"8312b1f776f71979bf33bda7acc05b348e8792c7","status":"affected","versionType":"git"},{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"f697ef117ecbf3a367dfc559a6a3589905956530","status":"affected","versionType":"git"},{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"45b2e8b0fdd280aba04c3cc869e9ae500c44e4b7","status":"affected","versionType":"git"},{"version":"3772e5da445420543b25825ac2b5971f3743f6e8","lessThan":"f1706e0e1a74b095cbc60375b9b1e6205f5f4c98","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/soc/aspeed/aspeed-lpc-snoop.c"],"versions":[{"version":"4.19","status":"affected"},{"version":"0","lessThan":"4.19","status":"unaffected","versionType":"semver"},{"version":"5.4.295","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.239","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.186","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.142","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.94","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.34","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.15.3","lessThanOrEqual":"6.15.*","status":"unaffected","versionType":"semver"},{"version":"6.16","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"5.4.295"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"5.10.239"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"5.15.186"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.1.142"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.6.94"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.12.34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.15.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2beee9cf833374550e673d428ad8b6ab37c175b3"},{"url":"https://git.kernel.org/stable/c/c550999f939b529d28a914d5034cc4290066aea6"},{"url":"https://git.kernel.org/stable/c/1fd889c145722579aa038c31cbc07cfdd4d75166"},{"url":"https://git.kernel.org/stable/c/d62a589eaaec6385e3e2b25cf5a28b4560ace93f"},{"url":"https://git.kernel.org/stable/c/8312b1f776f71979bf33bda7acc05b348e8792c7"},{"url":"https://git.kernel.org/stable/c/f697ef117ecbf3a367dfc559a6a3589905956530"},{"url":"https://git.kernel.org/stable/c/45b2e8b0fdd280aba04c3cc869e9ae500c44e4b7"},{"url":"https://git.kernel.org/stable/c/f1706e0e1a74b095cbc60375b9b1e6205f5f4c98"}],"title":"soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T17:34:35.777Z"}}]}}