CVE-2025-38541

MEDIUM

Linux Kernel - NULL Pointer Dereference in mt7925_thermal_init()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() devm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/1bbdf4213711bb6dc365e7628430a63dd3280794

Patch

https://git.kernel.org/stable/c/2e99e9b34ece0b6d3e82cb757e9f60fa414da999

Patch

https://git.kernel.org/stable/c/03ee8f73801a8f46d83dfc2bf73fb9ffa5a21602

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 3.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (12)

linux/Kernel 6.13.0 - 6.15.7linux

linux/Kernel 6.9.0 - 6.12.39linux

Linux/Linux < 6.9

Linux/Linux 396e41a74a88654f23e36c46d2995752c91654a5 - 03ee8f73801a8f46d83dfc2bf73fb9ffa5a21602

Linux/Linux 396e41a74a88654f23e36c46d2995752c91654a5 - 1bbdf4213711bb6dc365e7628430a63dd3280794

Linux/Linux 396e41a74a88654f23e36c46d2995752c91654a5 - 2e99e9b34ece0b6d3e82cb757e9f60fa414da999

Linux/Linux 6.12.39 - 6.12.*

Linux/Linux 6.15.7 - 6.15.*

Linux/Linux 6.16

Linux/Linux 6.9

... and 2 more

Published Aug 16, 2025

Tracked Since Feb 18, 2026