Vulnerability Database

309,136

Total vulnerabilities in the database

CVE-2025-38297

In the Linux kernel, the following vulnerability has been resolved:

PM: EM: Fix potential division-by-zero error in em_compute_costs()

When the device is of a non-CPU type, table[i].performance won't be initialized in the previous em_init_performance(), resulting in division by zero when calculating costs in em_compute_costs().

Since the 'cost' algorithm is only used for EAS energy efficiency calculations and is currently not utilized by other device drivers, we should add the _is_cpu_device(dev) check to prevent this division-by-zero issue.

Published: Jul 10, 2025
Updated: Nov 20, 2025
CVE: CVE-2025-38297
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-369

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	6.9	6.12.34
linux / linux_kernel	6.13	6.15.3

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo