Linux Kernel Vulnerability in mlb_usio_probe Function
CVE-2025-38135

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 July 2025

What is CVE-2025-38135?

In the Linux kernel, a vulnerability was identified in the mlb_usio_probe function, related to device memory mapping. The function failed to verify if the devm_ioremap() call returned NULL, which could lead to a null pointer dereference. This issue could cause critical failures or crashes within the affected system. Implementing a NULL pointer check after the devm_ioremap() call has resolved this issue, preventing potential exploits.

Affected Version(s)

Linux ba44dc04300441b47618f9933bf36e75a280e5fe

Linux ba44dc04300441b47618f9933bf36e75a280e5fe < 81159a6b064142b993f2f39828b77e199c77872a

Linux ba44dc04300441b47618f9933bf36e75a280e5fe < 19fd9f5a69363d33079097d866eb6082d61bf31d

References

https://git.kernel.org/stable/c/a05ebe384c7ca75476453f307...

https://git.kernel.org/stable/c/81159a6b064142b993f2f3982...

https://git.kernel.org/stable/c/19fd9f5a69363d33079097d86...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2025
Vulnerability Reserved
Apr 16, 2025