CVE-2025-23148

In the Linux kernel, the following vulnerability has been resolved: soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() soc_dev_attr->revision could be NULL, thus, a pointer check is added to prevent potential NULL pointer dereference. This is similar to the fix in commit 3027e7b15b02 ("ice: Fix some null pointer dereference issues in ice_ptp.c"). This issue is found by our static analysis tool.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/4129760e462f45f14e61b10408ace61aa7c2ed30	Patch
https://git.kernel.org/stable/c/44a2572a0fdcf3e7565763690d579b998a8f0562	Patch
https://git.kernel.org/stable/c/475b9b45dc32eba58ab794b5d47ac689fc018398	Patch
https://git.kernel.org/stable/c/4f51d169fd0d4821bce775618db024062b09a3f7	Patch
https://git.kernel.org/stable/c/5f80fd2ff8bfd13e41554741740e0ca8e6445ded	Patch
https://git.kernel.org/stable/c/8ce469d23205249bb17c1135ccadea879576adfc	Patch
https://git.kernel.org/stable/c/8ee067cf0cf82429e9b204283c7d0d8d6891d10e	Patch
https://git.kernel.org/stable/c/c8222ef6cf29dd7cad21643228f96535cc02b327	Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html	Mailing List
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html	Mailing List

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

05 Nov 2025, 18:04

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/4129760e462f45f14e61b10408ace61aa7c2ed30 -~~	() https://git.kernel.org/stable/c/4129760e462f45f14e61b10408ace61aa7c2ed30 - Patch
References	~~() https://git.kernel.org/stable/c/44a2572a0fdcf3e7565763690d579b998a8f0562 -~~	() https://git.kernel.org/stable/c/44a2572a0fdcf3e7565763690d579b998a8f0562 - Patch
References	~~() https://git.kernel.org/stable/c/475b9b45dc32eba58ab794b5d47ac689fc018398 -~~	() https://git.kernel.org/stable/c/475b9b45dc32eba58ab794b5d47ac689fc018398 - Patch
References	~~() https://git.kernel.org/stable/c/4f51d169fd0d4821bce775618db024062b09a3f7 -~~	() https://git.kernel.org/stable/c/4f51d169fd0d4821bce775618db024062b09a3f7 - Patch
References	~~() https://git.kernel.org/stable/c/5f80fd2ff8bfd13e41554741740e0ca8e6445ded -~~	() https://git.kernel.org/stable/c/5f80fd2ff8bfd13e41554741740e0ca8e6445ded - Patch
References	~~() https://git.kernel.org/stable/c/8ce469d23205249bb17c1135ccadea879576adfc -~~	() https://git.kernel.org/stable/c/8ce469d23205249bb17c1135ccadea879576adfc - Patch
References	~~() https://git.kernel.org/stable/c/8ee067cf0cf82429e9b204283c7d0d8d6891d10e -~~	() https://git.kernel.org/stable/c/8ee067cf0cf82429e9b204283c7d0d8d6891d10e - Patch
References	~~() https://git.kernel.org/stable/c/c8222ef6cf29dd7cad21643228f96535cc02b327 -~~	() https://git.kernel.org/stable/c/c8222ef6cf29dd7cad21643228f96535cc02b327 - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html -~~	() https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html - Mailing List
References	~~() https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html -~~	() https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html - Mailing List
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Debian debian Linux Linux Debian Linux linux Kernel
CWE		CWE-476
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:debian:debian_linux:11.0:::::::*

03 Nov 2025, 20:17

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html - () https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html -

02 May 2025, 13:53

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: soc: samsung: exynos-chipid: Se ha añadido una comprobación de puntero nulo en exynos_chipid_probe(). soc_dev_attr->revision podría ser nulo, por lo que se ha añadido una comprobación de puntero para evitar posibles desreferencias de punteros nulos. Esto es similar a la corrección en el commit 3027e7b15b02 ("ice: Se corrigen algunos problemas de desreferencia de puntero nulo en ice_ptp.c"). Nuestra herramienta de análisis estático ha detectado este problema.

02 May 2025, 07:16

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/8ce469d23205249bb17c1135ccadea879576adfc - () https://git.kernel.org/stable/c/8ee067cf0cf82429e9b204283c7d0d8d6891d10e -

01 May 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-01 13:15

Updated : 2025-11-05 18:04

NVD link : CVE-2025-23148

Mitre link : CVE-2025-23148

CVE.ORG link : CVE-2025-23148

JSON object : View

Products Affected

debian

debian_linux

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10