Detections
Analytics

CVE-2025-37910

high

Description

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations On Adva boards, SMA sysfs store/get operations can call __handle_signal_outputs() or __handle_signal_inputs() while the `irig` and `dcf` pointers are uninitialized, leading to a NULL pointer dereference in __handle_signal() and causing a kernel crash. Adva boards don't use `irig` or `dcf` functionality, so add Adva-specific callbacks `ptp_ocp_sma_adva_set_outputs()` and `ptp_ocp_sma_adva_set_inputs()` that avoid invoking `irig` or `dcf` input/output routines.

References

https://git.kernel.org/stable/c/e98386d79a23c57cf179fe4138322e277aa3aa74

https://git.kernel.org/stable/c/8a543d825e78b8d680d8f891381b83fbffdb0bb6

https://git.kernel.org/stable/c/5b349f9cdb4a9daa133bea267dfc0c383628387a

Details

Source: Mitre, NVD

Published: 2025-05-20

Updated: 2025-05-21

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00017