In the Linux kernel, the following vulnerability has been resolved:

clk: davinci: Add NULL check in davinci_lpsc_clk_register()

devm_kasprintf() returns NULL when memory allocation fails. Currently,
davinci_lpsc_clk_register() does not check for this case, which results
in a NULL pointer dereference.

Add NULL check after devm_kasprintf() to prevent this issue and ensuring
no resources are left allocated.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00066.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories
Source ID Title
Debian DLA Debian DLA DLA-4327-1 linux security update
Debian DLA Debian DLA DLA-4328-1 linux-6.1 security update
EUVD EUVD EUVD-2025-25566 In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue and ensuring no resources are left allocated.
Ubuntu USN Ubuntu USN USN-7879-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7879-2 Linux kernel (Real-time) vulnerabilities
Ubuntu USN Ubuntu USN USN-7880-1 Linux kernel (OEM) vulnerabilities
Ubuntu USN Ubuntu USN USN-7879-3 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7909-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7879-4 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7909-2 Linux kernel (Real-time) vulnerabilities
Ubuntu USN Ubuntu USN USN-7909-3 Linux kernel (FIPS) vulnerabilities
Ubuntu USN Ubuntu USN USN-7910-1 Linux kernel (Azure FIPS) vulnerabilities
Ubuntu USN Ubuntu USN USN-7909-4 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7910-2 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-7909-5 Linux kernel (Raspberry Pi) vulnerabilities
Ubuntu USN Ubuntu USN USN-7933-1 Linux kernel (KVM) vulnerabilities
Ubuntu USN Ubuntu USN USN-7934-1 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-7938-1 Linux kernel (Azure) vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/105e8115944a9f93e9412abe7bb07ed96725adf9 cve-icon cve-icon
https://git.kernel.org/stable/c/13de464f445d42738fe18c9a28bab056ba3a290a cve-icon cve-icon
https://git.kernel.org/stable/c/1d92608a29251278015f57f3572bc950db7519f0 cve-icon cve-icon
https://git.kernel.org/stable/c/23f564326deaafacfd7adf6104755b15216d8320 cve-icon cve-icon
https://git.kernel.org/stable/c/2adc945b70c4d97e9491a6c0c9f3b217a9eecfba cve-icon cve-icon
https://git.kernel.org/stable/c/6fb19cdcf040e1dec052a9032acb66cc2ad1d43f cve-icon cve-icon
https://git.kernel.org/stable/c/77e9ad7a2d0e2a771c9e0be04b9d1639413b5f13 cve-icon cve-icon
https://git.kernel.org/stable/c/7843412e5927dafbb844782c56b6380564064109 cve-icon cve-icon
https://git.kernel.org/stable/c/7943ed1f05f5cb7372dca2aa227f848747a98791 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025082233-CVE-2025-38635-aa1c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38635 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38635 cve-icon
History

Mon, 03 Nov 2025 18:30:00 +0000

Type Values Removed Values Added
References

Thu, 28 Aug 2025 15:00:00 +0000

Type Values Removed Values Added
References

Sat, 23 Aug 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Vendors & Products Linux
Linux linux Kernel

Sat, 23 Aug 2025 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Fri, 22 Aug 2025 16:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue and ensuring no resources are left allocated.
Title clk: davinci: Add NULL check in davinci_lpsc_clk_register()
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-11-03T17:40:38.124Z

Reserved: 2025-04-16T04:51:24.030Z

Link: CVE-2025-38635

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-22T16:15:37.450

Modified: 2025-11-03T18:16:32.640

Link: CVE-2025-38635

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-08-22T00:00:00Z

Links: CVE-2025-38635 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-08-23T10:55:25Z

Weaknesses

No weakness.