CVE-2025-38573
- Source
- https://cve.org/CVERecord?id=CVE-2025-38573
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38573.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38573
- Downstream
- Related
- Published
- 2025-08-19T17:02:53.008Z
- Modified
- 2026-03-20T12:42:55.573199Z
- Summary
- spi: cs42l43: Property entry should be a null-terminated array
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
spi: cs42l43: Property entry should be a null-terminated array
The software node does not specify a count of property entries, so the array must be null-terminated.
When unterminated, this can lead to a fault in the downstream cs35l56 amplifier driver, because the node parse walks off the end of the array into unknown memory.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38573.json" }- References
-
- https://git.kernel.org/stable/c/139b5df757a0aa436f763b0038e0b73808d2f4b6
- https://git.kernel.org/stable/c/674328102baad76c7a06628efc01974ece5ae27f
- https://git.kernel.org/stable/c/9f0035ae38d2571f5ddedc829d74492013caa625
- https://git.kernel.org/stable/c/ffcfd071eec7973e58c4ffff7da4cb0e9ca7b667
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38573.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38573
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0ca645ab5b1528666f6662a0e620140355b5aea3Fixed674328102baad76c7a06628efc01974ece5ae27fFixed9f0035ae38d2571f5ddedc829d74492013caa625Fixed139b5df757a0aa436f763b0038e0b73808d2f4b6Fixedffcfd071eec7973e58c4ffff7da4cb0e9ca7b667