In the Linux kernel, the following vulnerability has been resolved:

clk: davinci: Add NULL check in davinci_lpsc_clk_register()

devm_kasprintf() returns NULL when memory allocation fails. Currently,
davinci_lpsc_clk_register() does not check for this case, which results
in a NULL pointer dereference.

Add NULL check after devm_kasprintf() to prevent this issue and ensuring
no resources are left allocated.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00058.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux
  • Linux Kernel
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/105e8115944a9f93e9412abe7bb07ed96725adf9 cve-icon cve-icon
https://git.kernel.org/stable/c/13de464f445d42738fe18c9a28bab056ba3a290a cve-icon cve-icon
https://git.kernel.org/stable/c/1d92608a29251278015f57f3572bc950db7519f0 cve-icon cve-icon
https://git.kernel.org/stable/c/23f564326deaafacfd7adf6104755b15216d8320 cve-icon cve-icon
https://git.kernel.org/stable/c/2adc945b70c4d97e9491a6c0c9f3b217a9eecfba cve-icon cve-icon
https://git.kernel.org/stable/c/6fb19cdcf040e1dec052a9032acb66cc2ad1d43f cve-icon cve-icon
https://git.kernel.org/stable/c/77e9ad7a2d0e2a771c9e0be04b9d1639413b5f13 cve-icon cve-icon
https://git.kernel.org/stable/c/7843412e5927dafbb844782c56b6380564064109 cve-icon cve-icon
https://git.kernel.org/stable/c/7943ed1f05f5cb7372dca2aa227f848747a98791 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025082233-CVE-2025-38635-aa1c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38635 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38635 cve-icon
History

Thu, 28 Aug 2025 15:00:00 +0000

Type Values Removed Values Added
References

Sat, 23 Aug 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Vendors & Products Linux
Linux linux Kernel

Sat, 23 Aug 2025 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Fri, 22 Aug 2025 16:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue and ensuring no resources are left allocated.
Title clk: davinci: Add NULL check in davinci_lpsc_clk_register()
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-08-28T14:44:23.395Z

Reserved: 2025-04-16T04:51:24.030Z

Link: CVE-2025-38635

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-22T16:15:37.450

Modified: 2025-08-28T15:15:56.843

Link: CVE-2025-38635

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-08-22T00:00:00Z

Links: CVE-2025-38635 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-08-23T10:55:25Z