CVE-2025-37850

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-37850

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37850.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-37850

Downstream

BELL-CVE-2025-37850

CLSA-2025-1757963029

DEBIAN-CVE-2025-37850

DLA-4178-1

DLA-4193-1

ECHO-e3da-e6e0-b3a0

MINI-ww58-pfpv-699v

OESA-2025-2882

OESA-2025-2883

OESA-2025-2884

ROOT-OS-DEBIAN-12-CVE-2025-37850

ROOT-OS-UBUNTU-2204-CVE-2025-37850

ROOT-OS-UBUNTU-2404-CVE-2025-37850

SUSE-SU-2025:01964-1

SUSE-SU-2025:01965-1

SUSE-SU-2025:02000-1

SUSE-SU-2025:02254-1

SUSE-SU-2025:02307-1

SUSE-SU-2025:02333-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:20408-1

SUSE-SU-2025:20413-1

SUSE-SU-2025:20419-1

SUSE-SU-2025:20421-1

Related

Published

2025-05-09T06:41:57.784Z

Modified

2026-05-28T03:52:59.636315710Z

Summary

pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()

Details

In the Linux kernel, the following vulnerability has been resolved:

pwm: mediatek: Prevent divide-by-zero in pwmmediatekconfig()

With CONFIGCOMPILETEST && !CONFIGHAVECLK, pwmmediatekconfig() has a divide-by-zero in the following line:

do_div(resolution, clk_get_rate(pc->clk_pwms[pwm->hwpwm]));

due to the fact that the !CONFIGHAVECLK version of clkgetrate() returns zero.

This is presumably just a theoretical problem: COMPILETEST overrides the dependency on RALINK which would select COMMONCLK. Regardless it's a good idea to check for the error explicitly to avoid divide-by-zero.

Fixes the following warning:

drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section

[ukleinek: s/CONFIGCLK/CONFIGHAVE_CLK/]

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37850.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

caf065f8fd583b43a3f95d84c8a0a0d07597963b

Fixed

8b9f60725d74b72c238e4437c957d0217746b506

Fixed

e1206d8e1651c9f62e5640b69b14d925b1a0a00a

Fixed

e3cf0c38d3ce754ad63005102fcfeb0b7ff3290b

Fixed

f3e9cf266c2c103cf071e15d7a17e2c699fff3c5

Fixed

8ddbec73ea2598d8414e8f7103241b55cf877010

Fixed

4cb15042b5f3ec0474e91cf379120cc597625dbb

Fixed

c343856ff2689ce0afef823592732fc178ef4aac

Fixed

77fb96dbe350e8a5ae4965ff9f6e7049f3966a6b

Fixed

7ca59947b5fcf94e7ea4029d1bd0f7c41500a161

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37850.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.12.0

Fixed

5.4.293

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.237

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.181

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.135

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.88

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.24

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.13.12

Type: ECOSYSTEM
Events: Introduced

6.14.0

Fixed

6.14.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-37850.json"