In the Linux kernel, the following vulnerability has been resolved:
clk: samsung: Fix UBSAN panic in samsungclkinit()
With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to
dereferencing ctx->clk_data.hws
before setting
ctx->clk_data.num = nr_clks
. Move that up to fix the crash.
UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP <snip> Call trace: samsungclkinit+0x110/0x124 (P) samsungclkinit+0x48/0x124 (L) samsungcmuregisterone+0x3c/0xa0 exynosarm64registercmu+0x54/0x64 _gs101cmutopofclkinit_declare+0x28/0x60 ...
[ { "deprecated": false, "id": "CVE-2025-39728-1c7729c1", "signature_type": "Function", "digest": { "length": 447.0, "function_hash": "292124280895459103623110709152611111437" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@00307934eb94aaa0a99addfb37b9fe206f945004", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-3758edf6", "signature_type": "Function", "digest": { "length": 470.0, "function_hash": "73815214648799306881003491190342996174" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@24307866e0ac0a5ddb462e766ceda5e27a6fbbe3", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-37abd36d", "signature_type": "Function", "digest": { "length": 470.0, "function_hash": "73815214648799306881003491190342996174" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d29a6dcb51e346595a15b49693eeb728925ca43", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-4093c18c", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "308291949188909537517396411600461596741", "233432844692974394097821756281196719254", "46582232639956512770159817832685751892", "19578681521377753937963282565477157581", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@157de9e48007a20c65d02fc0229a16f38134a72d", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-51a1b724", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "308291949188909537517396411600461596741", "233432844692974394097821756281196719254", "46582232639956512770159817832685751892", "19578681521377753937963282565477157581", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4d29a6dcb51e346595a15b49693eeb728925ca43", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-52fffa7f", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "308291949188909537517396411600461596741", "233432844692974394097821756281196719254", "46582232639956512770159817832685751892", "19578681521377753937963282565477157581", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@24307866e0ac0a5ddb462e766ceda5e27a6fbbe3", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-5564ef8b", "signature_type": "Function", "digest": { "length": 470.0, "function_hash": "73815214648799306881003491190342996174" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d19d7345a7bcdb083b65568a11b11adffe0687af", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-60ebbcc1", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "152476682037666657001703015728892969420", "30608537827929997514703408480955698467", "110623966037119855758212022455138178662", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d974e177369c034984cece9d7d4fada9f8b9c740", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-61df47a4", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "152476682037666657001703015728892969420", "30608537827929997514703408480955698467", "110623966037119855758212022455138178662", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0fef48f4a70e45a93e73c39023c3a6ea624714d6", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-865e23a0", "signature_type": "Function", "digest": { "length": 470.0, "function_hash": "73815214648799306881003491190342996174" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a1500b98cd81a32fdfb9bc63c33bb9f0c2a0a1bf", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-a73a0a02", "signature_type": "Function", "digest": { "length": 470.0, "function_hash": "73815214648799306881003491190342996174" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@157de9e48007a20c65d02fc0229a16f38134a72d", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-bc6ab473", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "308291949188909537517396411600461596741", "233432844692974394097821756281196719254", "46582232639956512770159817832685751892", "19578681521377753937963282565477157581", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a1500b98cd81a32fdfb9bc63c33bb9f0c2a0a1bf", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-cccca8bc", "signature_type": "Function", "digest": { "length": 447.0, "function_hash": "292124280895459103623110709152611111437" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d974e177369c034984cece9d7d4fada9f8b9c740", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-ce3a6aa3", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "152476682037666657001703015728892969420", "30608537827929997514703408480955698467", "110623966037119855758212022455138178662", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@00307934eb94aaa0a99addfb37b9fe206f945004", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-d0e8ff80", "signature_type": "Line", "digest": { "line_hashes": [ "98507281670749471206311075307345963330", "78537535047448856955851230519670732876", "308291949188909537517396411600461596741", "233432844692974394097821756281196719254", "46582232639956512770159817832685751892", "19578681521377753937963282565477157581", "170608628616071675936958903438897002191", "174669168725812359677451679797491878802" ], "threshold": 0.9 }, "target": { "file": "drivers/clk/samsung/clk.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d19d7345a7bcdb083b65568a11b11adffe0687af", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2025-39728-d291adce", "signature_type": "Function", "digest": { "length": 447.0, "function_hash": "292124280895459103623110709152611111437" }, "target": { "file": "drivers/clk/samsung/clk.c", "function": "samsung_clk_init" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0fef48f4a70e45a93e73c39023c3a6ea624714d6", "signature_version": "v1" } ]