In the Linux kernel, the following vulnerability has been resolved: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() devm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does not check for this case, which can result in a NULL pointer dereference. Add NULL check after devm_ioremap() to prevent this issue.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

References
Link Providers
https://git.kernel.org/stable/c/17d5e6e915fad5a261db3698c9c5bbe702102d7c cve-icon cve-icon
https://git.kernel.org/stable/c/2ba9e4c69207777bb0775c7c091800ecd69de144 cve-icon cve-icon
https://git.kernel.org/stable/c/2dc53c7a0c1f57b082931facafa804a7ca32a9a6 cve-icon cve-icon
https://git.kernel.org/stable/c/5b09bf6243b0bc0ae58bd9efdf6f0de5546f8d06 cve-icon cve-icon
https://git.kernel.org/stable/c/a551f75401793ba8075d7f46ffc931ce5151f03f cve-icon cve-icon
https://git.kernel.org/stable/c/ad320e408a8c95a282ab9c05cdf0c9b95e317985 cve-icon cve-icon
https://git.kernel.org/stable/c/c022287f6e599422511aa227dc6da37b58d9ceac cve-icon cve-icon
https://git.kernel.org/stable/c/d0d720f9282839b9db625a376c02a1426a16b0ae cve-icon cve-icon
https://git.kernel.org/stable/c/ee2b0301d6bfe16b35d57947687c664ecb815775 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050139-CVE-2025-37758-32dd@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-37758 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-37758 cve-icon
History

Thu, 29 May 2025 19:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

Fri, 02 May 2025 14:45:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Fri, 02 May 2025 06:30:00 +0000

Type Values Removed Values Added
References

Thu, 01 May 2025 13:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() devm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does not check for this case, which can result in a NULL pointer dereference. Add NULL check after devm_ioremap() to prevent this issue.
Title ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-05-01T12:56:02.520Z

Updated: 2025-05-26T05:20:14.608Z

Reserved: 2025-04-16T04:51:23.938Z

Link: CVE-2025-37758

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-05-01T13:15:54.583

Modified: 2025-05-02T13:53:20.943

Link: CVE-2025-37758

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-05-01T00:00:00Z

Links: CVE-2025-37758 - Bugzilla