PT-2025-34429 · Linux+5 · Linux Kernel+5

Published

2025-01-01

·

Updated

2026-04-20

·

CVE-2025-38668

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A flaw exists in the Linux kernel’s regulator core functionality where a failure to reset coupling data after freeing coupled regulators can lead to a NULL pointer dereference during unbinding. This can occur during runtime power management or other regulator operations that depend on coupling metadata. An example of this issue was observed on ridesx4, where unbinding a 'reg-dummy' platform device triggered a panic in the regulator lock recursive() function due to stale coupling state.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Weakness Enumeration

CWE-476

Related Identifiers

AZL-66572
AZL-73809
BDU:2025-15771
CVE-2025-38668
DLA-4327-1
DLA-4328-1
ECHO-40E2-4346-2C92
OESA-2025-2551
OESA-2025-2552
OESA-2025-2556
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3751-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03382-1
USN-7879-1
USN-7879-2
USN-7879-3
USN-7879-4
USN-7880-1
USN-7909-1
USN-7909-2
USN-7909-3
USN-7909-4
USN-7909-5
USN-7910-1
USN-7910-2
USN-7933-1
USN-7934-1
USN-7938-1
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu