CVE-2025-38573 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: spi: cs42l43: Property entry should be a null-terminated array The software node does not specify a count of property entries, so the array must be null-terminated. When unterminated, this can lead to a fault in the downstream cs35l56 amplifier driver, because the node parse walks off the end of the array into unknown memory.

PUBLISHED Reserved 2025-04-16 | Published 2025-08-19 | Updated 2025-09-29 | Assigner Linux

Product status

Default status

unaffected

0ca645ab5b1528666f6662a0e620140355b5aea3 before 674328102baad76c7a06628efc01974ece5ae27f

affected

0ca645ab5b1528666f6662a0e620140355b5aea3 before 9f0035ae38d2571f5ddedc829d74492013caa625

affected

0ca645ab5b1528666f6662a0e620140355b5aea3 before 139b5df757a0aa436f763b0038e0b73808d2f4b6

affected

0ca645ab5b1528666f6662a0e620140355b5aea3 before ffcfd071eec7973e58c4ffff7da4cb0e9ca7b667

affected

Default status

affected

6.11

affected

Any version before 6.11

unaffected

6.12.42

unaffected

6.15.10

unaffected

6.16.1

unaffected

6.17

unaffected

References

git.kernel.org/...c/674328102baad76c7a06628efc01974ece5ae27f

git.kernel.org/...c/9f0035ae38d2571f5ddedc829d74492013caa625

git.kernel.org/...c/139b5df757a0aa436f763b0038e0b73808d2f4b6

git.kernel.org/...c/ffcfd071eec7973e58c4ffff7da4cb0e9ca7b667

cve.org (CVE-2025-38573)

nvd.nist.gov (CVE-2025-38573)

Download JSON

help @ threatint.eu