Null Pointer Dereference in Linux Kernel Power Supply Management
CVE-2025-38634

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
22 August 2025

What is CVE-2025-38634?

A vulnerability exists in the Linux kernel where the function power_supply_get_by_name() may return a NULL pointer instead of an error pointer during execution in the cpcap_usb_detect() function. This flaw could lead to null pointer dereferences, potentially causing unintended behavior or crashes in systems reliant on power management. The issue has been addressed by implementing a null check to enhance stability and security in the affected components.

Affected Version(s)

Linux eab4e6d953c1059a30ac0f15826abc7dd2374d3c

Linux eab4e6d953c1059a30ac0f15826abc7dd2374d3c < 8e9bdb563916287ba1b4258812434e0585ac6d00

Linux eab4e6d953c1059a30ac0f15826abc7dd2374d3c

References

https://git.kernel.org/stable/c/a2436263144980cc99a9860c7...
https://git.kernel.org/stable/c/8e9bdb563916287ba1b425881...
https://git.kernel.org/stable/c/f642500aa7ed93d2606e4f929...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-38634 : Null Pointer Dereference in Linux Kernel Power Supply Management