CVE-2025-37850

In the Linux kernel, the following vulnerability has been resolved:

pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()

With CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() has a divide-by-zero in the following line:

do_div(resolution, clk_get_rate(pc-&gt;clk_pwms[pwm-&gt;hwpwm]));

due to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate() returns zero.

This is presumably just a theoretical problem: COMPILE_TEST overrides the dependency on RALINK which would select COMMON_CLK. Regardless it's a good idea to check for the error explicitly to avoid divide-by-zero.

Fixes the following warning:

drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section

[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]

Published: May 9, 2025
Updated: Nov 18, 2025
CVE: CVE-2025-37850
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-369

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	4.12	5.4.293
linux / linux_kernel	5.5	5.10.237
linux / linux_kernel	5.11	5.15.181
linux / linux_kernel	5.16	6.1.135
linux / linux_kernel	6.2	6.6.88
linux / linux_kernel	6.7	6.12.24
linux / linux_kernel	6.13	6.13.12
linux / linux_kernel	6.14	6.14.3
linux / linux_kernel	6.15-rc1	6.15-rc1.x
debian / debian_linux	11.0	11.0.x

Vulnerability Database

309,469

CVE-2025-37850

Deep Security Visibility Without the Complexity