Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpc_desc_ptr NULL. CPU0's iteration via for_each_possible_cpu() dereferences these NULL pointers, causing panic. Panic backtrace: [ 0.401123] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000b8 ... [ 0.403255] [<ffffffff809a5818>] cppc_allow_fast_switch+0x6a/0xd4 ... Kernel panic - not syncing: Attempted to kill init! [ rjw: New subject ]

INFO

Published Date :

2025-07-03T08:35:22.207Z

Last Modified :

2025-11-03T17:34:16.439Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38113 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38113.

URL Resource
https://git.kernel.org/stable/c/15eece6c5b05e5f9db0711978c3e3b7f1a2cfe12 cve-icon cve-icon
https://git.kernel.org/stable/c/1a677d0ceb4a5d62117b711a8b2e0aee80d33015 cve-icon cve-icon
https://git.kernel.org/stable/c/32a48db4cf28ea087214c261da8476db218d08bd cve-icon cve-icon
https://git.kernel.org/stable/c/356d09c7f5bf525086002a34f8bae40b134d1611 cve-icon cve-icon
https://git.kernel.org/stable/c/c6dad167aade4bf0bef9130f2f149f4249fc4ad0 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025070325-CVE-2025-38113-d080@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38113 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38113 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact