Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2025-37910

In the Linux kernel, the following vulnerability has been resolved:

ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations

On Adva boards, SMA sysfs store/get operations can call __handle_signal_outputs() or __handle_signal_inputs() while the irig and dcf pointers are uninitialized, leading to a NULL pointer dereference in __handle_signal() and causing a kernel crash. Adva boards don't use irig or dcf functionality, so add Adva-specific callbacks ptp_ocp_sma_adva_set_outputs() and ptp_ocp_sma_adva_set_inputs() that avoid invoking irig or dcf input/output routines.

Published: May 20, 2025
Updated: Nov 18, 2025
CVE: CVE-2025-37910
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	6.9	6.12.28
linux / linux_kernel	6.13	6.14.6
linux / linux_kernel	6.15-rc1	6.15-rc1.x
linux / linux_kernel	6.15-rc2	6.15-rc2.x
linux / linux_kernel	6.15-rc3	6.15-rc3.x
linux / linux_kernel	6.15-rc4	6.15-rc4.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo