CVE-2025-38265 Information

Jul 12, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

serial: jsm: fix NPE during jsm_uart_port_init

No device was set which caused serial_base_ctrl_add to crash.

BUG: kernel NULL pointer dereference address: 0000000000000050 Oops: Oops: 0000 [1] PREEMPT SMP NOPTI CPU: 16 UID: 0 PID: 368 Comm: (udev-worker) Not tainted 6.12.25-amd64 1 Debian 6.12.25-1 RIP: 0010:serial_base_ctrl_add+0x96/0x120 Call Trace: serial_core_register_port+0x1a0/0x580 ? __setup_irq+0x39c/0x660 ? __kmalloc_cache_noprof+0x111/0x310 jsm_uart_port_init+0xe8/0x180 [jsm] jsm_probe_one+0x1f4/0x410 [jsm] local_pci_probe+0x42/0x90 pci_device_probe+0x22f/0x270 really_probe+0xdb/0x340 ? pm_runtime_barrier+0x54/0x90 ? __pfx___driver_attach+0x10/0x10 __driver_probe_device+0x78/0x110 driver_probe_device+0x1f/0xa0 __driver_attach+0xba/0x1c0 bus_for_each_dev+0x8c/0xe0 bus_add_driver+0x112/0x1f0 driver_register+0x72/0xd0 jsm_init_module+0x36/0xff0 [jsm] ? __pfx_jsm_init_module+0x10/0x10 [jsm] do_one_initcall+0x58/0x310 do_init_module+0x60/0x230

Tested with Digi Neo PCIe 8 port card.

Reference

https://git.kernel.org/stable/c/3258d7ff8ebfa451426662b23e8f2b51b129afe1 https://git.kernel.org/stable/c/985961dd2688a527a4847300d41beaad475ab7af https://git.kernel.org/stable/c/a14c0d2eb3f0b1836fdec22908b87ecffd2ac844 https://git.kernel.org/stable/c/abaecb2a4ad021c2f2426e9b2a9c020aef57aca9 https://git.kernel.org/stable/c/e3975aa899c0a3bbc10d035e699b142cd1373a71

CNNVD-202507-1385 (Published: 2025-07-10)

Share on: