CVE-2025-37758

In the Linux kernel, the following vulnerability has been resolved: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() devm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does not check for this case, which can result in a NULL pointer dereference. Add NULL check after devm_ioremap() to prevent this issue.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/17d5e6e915fad5a261db3698c9c5bbe702102d7c	Patch
https://git.kernel.org/stable/c/2ba9e4c69207777bb0775c7c091800ecd69de144	Patch
https://git.kernel.org/stable/c/2dc53c7a0c1f57b082931facafa804a7ca32a9a6	Patch
https://git.kernel.org/stable/c/5b09bf6243b0bc0ae58bd9efdf6f0de5546f8d06	Patch
https://git.kernel.org/stable/c/a551f75401793ba8075d7f46ffc931ce5151f03f	Patch
https://git.kernel.org/stable/c/ad320e408a8c95a282ab9c05cdf0c9b95e317985	Patch
https://git.kernel.org/stable/c/c022287f6e599422511aa227dc6da37b58d9ceac	Patch
https://git.kernel.org/stable/c/d0d720f9282839b9db625a376c02a1426a16b0ae	Patch
https://git.kernel.org/stable/c/ee2b0301d6bfe16b35d57947687c664ecb815775	Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html	Mailing List

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

04 Nov 2025, 17:59

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/17d5e6e915fad5a261db3698c9c5bbe702102d7c -~~	() https://git.kernel.org/stable/c/17d5e6e915fad5a261db3698c9c5bbe702102d7c - Patch
References	~~() https://git.kernel.org/stable/c/2ba9e4c69207777bb0775c7c091800ecd69de144 -~~	() https://git.kernel.org/stable/c/2ba9e4c69207777bb0775c7c091800ecd69de144 - Patch
References	~~() https://git.kernel.org/stable/c/2dc53c7a0c1f57b082931facafa804a7ca32a9a6 -~~	() https://git.kernel.org/stable/c/2dc53c7a0c1f57b082931facafa804a7ca32a9a6 - Patch
References	~~() https://git.kernel.org/stable/c/5b09bf6243b0bc0ae58bd9efdf6f0de5546f8d06 -~~	() https://git.kernel.org/stable/c/5b09bf6243b0bc0ae58bd9efdf6f0de5546f8d06 - Patch
References	~~() https://git.kernel.org/stable/c/a551f75401793ba8075d7f46ffc931ce5151f03f -~~	() https://git.kernel.org/stable/c/a551f75401793ba8075d7f46ffc931ce5151f03f - Patch
References	~~() https://git.kernel.org/stable/c/ad320e408a8c95a282ab9c05cdf0c9b95e317985 -~~	() https://git.kernel.org/stable/c/ad320e408a8c95a282ab9c05cdf0c9b95e317985 - Patch
References	~~() https://git.kernel.org/stable/c/c022287f6e599422511aa227dc6da37b58d9ceac -~~	() https://git.kernel.org/stable/c/c022287f6e599422511aa227dc6da37b58d9ceac - Patch
References	~~() https://git.kernel.org/stable/c/d0d720f9282839b9db625a376c02a1426a16b0ae -~~	() https://git.kernel.org/stable/c/d0d720f9282839b9db625a376c02a1426a16b0ae - Patch
References	~~() https://git.kernel.org/stable/c/ee2b0301d6bfe16b35d57947687c664ecb815775 -~~	() https://git.kernel.org/stable/c/ee2b0301d6bfe16b35d57947687c664ecb815775 - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html -~~	() https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html - Mailing List
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:6.15:rc1:::::: cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:linux:linux_kernel::::::::
CWE		CWE-476
First Time		Linux linux Kernel Debian debian Linux Linux Debian

03 Nov 2025, 20:18

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html -

02 May 2025, 13:53

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-01 13:15

Updated : 2025-11-04 17:59

NVD link : CVE-2025-37758

Mitre link : CVE-2025-37758

CVE.ORG link : CVE-2025-37758

JSON object : View

Products Affected

linux

linux_kernel

debian

debian_linux

CWE

CWE-476

NULL Pointer Dereference

5.5 /10