CVE-2025-38693

Source
https://cve.org/CVERecord?id=CVE-2025-38693
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38693.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38693
Published
2025-09-04T15:32:46.726Z
Modified
2026-03-20T12:42:58.631848Z
Summary
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
Details

In the Linux kernel, the following vulnerability has been resolved:

media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar

In w7090p_tuner_write_serpar, msg is controlled by user. When msg[0].buf is null and msg[0].len is zero, former checks on msg[0].buf would be passed. If accessing msg[0].buf[2] without sanity check, null pointer deref would happen. We add check on msg[0].len to prevent crash.

Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")
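
The length check described above, as an added userspace sketch that is not the kernel's code or the fix commit itself. `struct model_msg`, the `serpar_write_*` function names, the `last_word` sink and the `-EOPNOTSUPP` return value are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model of the two fields the description names
 * (assumption: not the kernel's struct i2c_msg). */
struct model_msg {
    uint16_t len;  /* caller-controlled byte count */
    uint8_t *buf;  /* caller-controlled pointer; NULL when len is 0 */
};

static uint16_t last_word; /* hypothetical stand-in for the device register write */

uint16_t serpar_last_word(void) { return last_word; }

/* Unchecked pattern: touches buf[2] whatever len says. With {len 0, buf NULL}
 * this is the NULL dereference. Kept for contrast only; never called here. */
int serpar_write_unchecked(const struct model_msg msg[], int num)
{
    last_word = (uint16_t)((msg[0].buf[1] << 8) | msg[0].buf[2]);
    return num;
}

/* Checked pattern: buf[2] is the highest index read, so require len >= 3 first.
 * The -EOPNOTSUPP return value is an assumption of this sketch. */
int serpar_write_checked(const struct model_msg msg[], int num)
{
    if (msg[0].len < 3)
        return -EOPNOTSUPP;
    last_word = (uint16_t)((msg[0].buf[1] << 8) | msg[0].buf[2]);
    return num;
}

int main(void)
{
    uint8_t data[3] = { 0x05, 0x12, 0x34 };      /* constructed sample payload */
    struct model_msg empty[1] = { { 0, NULL } }; /* the case from the description */
    struct model_msg full[1]  = { { 3, data } };

    int rc_empty = serpar_write_checked(empty, 1);
    int rc_full  = serpar_write_checked(full, 1);
    printf("empty message  -> %d\n", rc_empty);
    printf("3-byte message -> %d, word 0x%04x\n", rc_full, serpar_last_word());
    return 0;
}
```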

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38693.json"
}

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
713d54a8bd812229410a1902cd9b332a2a27af9f
Fixed
7a41ecfc3415ebe3b4c44f96b3337691dcf431a3
Fixed
b3d77a3fc71c084575d3df4ec6544b3fb6ce587d
Fixed
17b30e5ded062bd74f8ca6f317e1d415a8680665
Fixed
454a443eaa792c8865c861a282fe6d4f596abc3a
Fixed
6bbaec6a036940e22318f0454b50b8000845ab59
Fixed
f98132a59ccc59a8b97987363bc99c8968934756
Fixed
99690a494d91a0dc86cebd628da4c62c40552bcb
Fixed
39b06b93f24dff923c4183d564ed28c039150554
Fixed
ed0234c8458b3149f15e496b48a1c9874dd24a1b
