CVE-2025-22009

Description

In the Linux kernel, the following vulnerability has been resolved: regulator: dummy: force synchronous probing Sometimes I get a NULL pointer dereference at boot time in kobject_get() with the following call stack: anatop_regulator_probe() devm_regulator_register() regulator_register() regulator_resolve_supply() kobject_get() By placing some extra BUG_ON() statements I could verify that this is raised because probing of the 'dummy' regulator driver is not completed ('dummy_regulator_rdev' is still NULL). In the JTAG debugger I can see that dummy_regulator_probe() and anatop_regulator_probe() can be run by different kernel threads (kworker/u4:*). I haven't further investigated whether this can be changed or if there are other possibilities to force synchronization between these two probe routines. On the other hand I don't expect much boot time penalty by probing the 'dummy' regulator synchronously.

Reserved 2024-12-29 | Published 2025-04-08 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

259b93b21a9ffe5117af4dfb5505437e463c6a5a before e26f24ca4fb940b15e092796c5993142a2558bd9
affected

259b93b21a9ffe5117af4dfb5505437e463c6a5a before d3b83a1442a09b145006eb4294b1a963c5345c9c
affected

259b93b21a9ffe5117af4dfb5505437e463c6a5a before 5ade367b56c3947c990598df92395ce737bee872
affected

259b93b21a9ffe5117af4dfb5505437e463c6a5a before 8619909b38eeebd3e60910158d7d68441fc954e9
affected

Default status
affected

6.4
affected

Any version before 6.4
unaffected

6.6.85
unaffected

6.12.21
unaffected

6.13.9
unaffected

6.14
unaffected

References

git.kernel.org/...c/e26f24ca4fb940b15e092796c5993142a2558bd9

git.kernel.org/...c/d3b83a1442a09b145006eb4294b1a963c5345c9c

git.kernel.org/...c/5ade367b56c3947c990598df92395ce737bee872

git.kernel.org/...c/8619909b38eeebd3e60910158d7d68441fc954e9

cve.org (CVE-2025-22009)

nvd.nist.gov (CVE-2025-22009)

Download JSON