CVE-2025-38559

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38559
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38559.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38559
Downstream
Published
2025-08-19T17:02:37.020Z
Modified
2025-12-02T05:14:11.104663Z
Summary
platform/x86/intel/pmt: fix a crashlog NULL pointer access
Details

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/intel/pmt: fix a crashlog NULL pointer access

Usage of the intelpmtread() for binary sysfs, requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage.

Without the ep, the crashlog usage causes the following NULL pointer exception:

BUG: kernel NULL pointer dereference, address: 0000000000000000 Oops: Oops: 0000 [#1] SMP NOPTI RIP: 0010:intelpmtread+0x3b/0x70 [pmtclass] Code: Call Trace: <TASK> ? sysfskfbinread+0xc0/0xe0 kernfsfopreaditer+0xac/0x1a0 vfsread+0x26d/0x350 ksysread+0x6b/0xe0 _x64sysread+0x1d/0x30 x64syscall+0x1bc8/0x1d70 dosyscall64+0x6d/0x110

Augment struct intelpmtentry with a pointer to the pcidev to avoid the NULL pointer exception.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38559.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
045a513040cc0242d364c05c3791594e2294f32d
Fixed
860d93bd6a21f08883711196344c353bc3936a2b
Fixed
18d53b543b5447478e259c96ca4688393f327c98
Fixed
089d05266b2caf020ac2ae2cd2be78f580268f5d
Fixed
54d5cd4719c5e87f33d271c9ac2e393147d934f8

Affected versions

v6.*

v6.11
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.15.3
v6.15.4
v6.15.5
v6.15.6
v6.15.7
v6.15.8
v6.15.9
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38559.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.42
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.10
Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
6.16.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38559.json"