CVE-2025-37829

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-37829
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37829.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-37829
Downstream
Related
Published
2025-05-08T06:26:21.061Z
Modified
2026-05-15T11:53:21.185295163Z
Summary
cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
Details

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: scpi: Fix null-ptr-deref in scpicpufreqget_rate()

cpufreqcpugetraw() can return NULL when the target CPU is not present in the policy->cpus mask. scpicpufreqgetrate() does not check for this case, which results in a NULL pointer dereference.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37829.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.16.0
Fixed
5.4.293
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.237
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.181
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.136
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.89
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.26
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.14.5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37829.json"