CVE-2025-37831

MEDIUM

Linux kernel - Null Pointer Dereference

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference.

References (4)

Core 4

Scores

CVSS v3 5.5
EPSS 0.0015
EPSS Percentile 4.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-476
Status published
Products (15)
linux/Kernel 6.13.0 - 6.14.5linux
linux/Kernel 6.2.0 - 6.6.89linux
linux/Kernel 6.7.0 - 6.12.26linux
Linux/Linux < 6.2
Linux/Linux 6.12.26 - 6.12.*
Linux/Linux 6.14.5 - 6.14.*
Linux/Linux 6.15
Linux/Linux 6.2
Linux/Linux 6.6.89 - 6.6.*
Linux/Linux 6286bbb40576ffadfde206c332b61345c19af57f - 01e86ea22610d98ae6141e428019a6916e79f725
... and 5 more
Published May 08, 2025
Tracked Since Feb 18, 2026