CVE-2025-22009

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A vulnerability in the Linux kernel has been resolved, related to the regulator: dummy component. The issue sometimes causes a NULL pointer dereference at boot time in kobject get() due to asynchronous probing of the 'dummy' regulator driver. This can be verified by placing extra BUG ON() statements, which show that dummy regulator rdev is still NULL when anatop regulator probe() is called. The problem arises because dummy regulator probe() and anatop regulator probe() can be executed by different kernel threads. To address this, synchronous probing of the 'dummy' regulator has been forced, which is not expected to cause significant boot time penalties.

Recommendations: For the Linux kernel, force synchronous probing of the 'dummy' regulator driver to prevent the NULL pointer dereference issue. As a temporary workaround, consider disabling asynchronous probing of the 'dummy' regulator until a patch is available.