fkie_cve-2025-38054
Vulnerability from fkie_nvd
Published
2025-06-18 10:15
Modified
2025-06-18 13:46
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
ptp: ocp: Limit signal/freq counts in summary output functions
The debugfs summary output could access uninitialized elements in
the freq_in[] and signal_out[] arrays, causing NULL pointer
dereferences and triggering a kernel Oops (page_fault_oops).
This patch adds u8 fields (nr_freq_in, nr_signal_out) to track the
number of initialized elements, with a maximum of 4 per array.
The summary output functions are updated to respect these limits,
preventing out-of-bounds access and ensuring safe array handling.
Widen the label variables because the change confuses GCC about
max length of the strings.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: ocp: Limit signal/freq counts in summary output functions\n\nThe debugfs summary output could access uninitialized elements in\nthe freq_in[] and signal_out[] arrays, causing NULL pointer\ndereferences and triggering a kernel Oops (page_fault_oops).\nThis patch adds u8 fields (nr_freq_in, nr_signal_out) to track the\nnumber of initialized elements, with a maximum of 4 per array.\nThe summary output functions are updated to respect these limits,\npreventing out-of-bounds access and ensuring safe array handling.\n\nWiden the label variables because the change confuses GCC about\nmax length of the strings."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ptp: ocp: Limitar el conteo de se\u00f1ales/frecuencias en las funciones de salida de resumen. La salida de resumen de debugfs podr\u00eda acceder a elementos no inicializados en las matrices freq_in[] y signal_out[], lo que causa desreferencias de punteros nulos y desencadena un error de kernel (page_fault_oops). Este parche agrega campos u8 (nr_freq_in, nr_signal_out) para rastrear el n\u00famero de elementos inicializados, con un m\u00e1ximo de 4 por matriz. Las funciones de salida de resumen se actualizan para respetar estos l\u00edmites, lo que evita el acceso fuera de los l\u00edmites y garantiza el manejo seguro de la matriz. Ampl\u00ede las variables de etiqueta porque el cambio confunde a GCC sobre la longitud m\u00e1xima de las cadenas."
}
],
"id": "CVE-2025-38054",
"lastModified": "2025-06-18T13:46:52.973",
"metrics": {},
"published": "2025-06-18T10:15:38.083",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/0b7d3e782027ac3b6fec56159e8e348042000aef"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/c9e455581e2ba87ee38c126e8dc49a424b9df0cf"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/fcad74f894ac89790084cc2e1ec61b08220941d1"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…