CVE-2025-38668

In the Linux kernel, the following vulnerability has been resolved:

regulator: core: fix NULL dereference on unbind due to stale coupling data

Failing to reset coupling_desc.n_coupled after freeing coupled_rdevs can
lead to NULL pointer dereference when regulators are accessed post-unbind.

This can happen during runtime PM or other regulator operations that rely
on coupling metadata.

For example, on ridesx4, unbinding the 'reg-dummy' platform device triggers
a panic in regulator_lock_recursive() due to stale coupling state.

Ensure n_coupled is set to 0 to prevent access to invalid pointers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
vulnerable
bullseye (security)
vulnerable
bookworm
vulnerable
bookworm (security)
vulnerable
trixie (security)
6.12.41-1
fixed
forky
vulnerable
sid
vulnerable
trixie
vulnerable
References
https://git.kernel.org/stable/c/233d3c54c9620e95193923859ea1d0b0f5d748ca
https://git.kernel.org/stable/c/5d4261dbb3335221fd9c6e69f909ba79ee6663a7
https://git.kernel.org/stable/c/800a2cfb2df7f96b3fb48910fc595e0215f6b019
https://git.kernel.org/stable/c/ca46946a482238b0cdea459fb82fc837fb36260e
https://git.kernel.org/stable/c/d7e59c5fd7a0f5e16e75a30a89ea2c4ab88612b8