CVE-2025-38487

In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: # echo 1e789080.lpc-snoop > /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... [ 120.363594] Unable to handle kernel NULL pointer dereference at virtual address 00000004 when write [ 120.373866] [00000004] *pgd=00000000 [ 120.377910] Internal error: Oops: 805 [#1] SMP ARM [ 120.383306] CPU: 1 UID: 0 PID: 315 Comm: sh Not tainted 6.15.0-rc1-00009-g926217bc7d7d-dirty #20 NONE ... [ 120.679543] Call trace: [ 120.679559] misc_deregister from aspeed_lpc_snoop_remove+0x84/0xac [ 120.692462] aspeed_lpc_snoop_remove from platform_remove+0x28/0x38 [ 120.700996] platform_remove from device_release_driver_internal+0x188/0x200 ...

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/329a80adc0e5f815d0514a6d403aaaf0995cd9be
https://git.kernel.org/stable/c/56448e78a6bb4e1a8528a0e2efe94eff0400c247
https://git.kernel.org/stable/c/ac10ed9862104936a412f8b475c869e99f048448
https://git.kernel.org/stable/c/b361598b7352f02456619a6105c7da952ef69f8f
https://git.kernel.org/stable/c/dc5598482e2d3b234f6d72d6f5568e24f603e51a

Configurations

No configuration.

History

28 Jul 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-28 12:15

Updated : 2025-07-28 12:15

NVD link : CVE-2025-38487

Mitre link : CVE-2025-38487

JSON object : View

Products Affected

No product.

CWE

No CWE.

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/329a80adc0e5f815d0514a6d403aaaf0995cd9be", "name": "https://git.kernel.org/stable/c/329a80adc0e5f815d0514a6d403aaaf0995cd9be", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/56448e78a6bb4e1a8528a0e2efe94eff0400c247", "name": "https://git.kernel.org/stable/c/56448e78a6bb4e1a8528a0e2efe94eff0400c247", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/ac10ed9862104936a412f8b475c869e99f048448", "name": "https://git.kernel.org/stable/c/ac10ed9862104936a412f8b475c869e99f048448", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/b361598b7352f02456619a6105c7da952ef69f8f", "name": "https://git.kernel.org/stable/c/b361598b7352f02456619a6105c7da952ef69f8f", "tags": [], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/dc5598482e2d3b234f6d72d6f5568e24f603e51a", "name": "https://git.kernel.org/stable/c/dc5598482e2d3b234f6d72d6f5568e24f603e51a", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: lpc-snoop: Don't disable channels that aren't enabled\n\nMitigate e.g. the following:\n\n # echo 1e789080.lpc-snoop > /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind\n ...\n [ 120.363594] Unable to handle kernel NULL pointer dereference at virtual address 00000004 when write\n [ 120.373866] [00000004] *pgd=00000000\n [ 120.377910] Internal error: Oops: 805 [#1] SMP ARM\n [ 120.383306] CPU: 1 UID: 0 PID: 315 Comm: sh Not tainted 6.15.0-rc1-00009-g926217bc7d7d-dirty #20 NONE\n ...\n [ 120.679543] Call trace:\n [ 120.679559] misc_deregister from aspeed_lpc_snoop_remove+0x84/0xac\n [ 120.692462] aspeed_lpc_snoop_remove from platform_remove+0x28/0x38\n [ 120.700996] platform_remove from device_release_driver_internal+0x188/0x200\n ..."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-38487", "ASSIGNER": "cve@kernel.org"}}, "impact": {}, "publishedDate": "2025-07-28T12:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-28T12:15Z"}