{"id":"CVE-2025-38487","summary":"soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: lpc-snoop: Don't disable channels that aren't enabled\n\nMitigate e.g. the following:\n\n    # echo 1e789080.lpc-snoop \u003e /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind\n    ...\n    [  120.363594] Unable to handle kernel NULL pointer dereference at virtual address 00000004 when write\n    [  120.373866] [00000004] *pgd=00000000\n    [  120.377910] Internal error: Oops: 805 [#1] SMP ARM\n    [  120.383306] CPU: 1 UID: 0 PID: 315 Comm: sh Not tainted 6.15.0-rc1-00009-g926217bc7d7d-dirty #20 NONE\n    ...\n    [  120.679543] Call trace:\n    [  120.679559]  misc_deregister from aspeed_lpc_snoop_remove+0x84/0xac\n    [  120.692462]  aspeed_lpc_snoop_remove from platform_remove+0x28/0x38\n    [  120.700996]  platform_remove from device_release_driver_internal+0x188/0x200\n    ...","modified":"2026-04-16T04:38:38.566024725Z","published":"2025-07-28T11:21:51.249Z","related":["SUSE-SU-2025:02853-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:02969-1","SUSE-SU-2025:02996-1","SUSE-SU-2025:02997-1","SUSE-SU-2025:03011-1","SUSE-SU-2025:03023-1","SUSE-SU-2025:20577-1","SUSE-SU-2025:20586-1","SUSE-SU-2025:20601-1","SUSE-SU-2025:20602-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38487.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/166afe964e8433d52c641f5d1c09102bacee9a92"},{"type":"WEB","url":"https://git.kernel.org/stable/c/329a80adc0e5f815d0514a6d403aaaf0995cd9be"},{"type":"WEB","url":"https://git.kernel.org/stable/c/56448e78a6bb4e1a8528a0e2efe94eff0400c247"},{"type":"WEB","url":"https://git.kernel.org/stable/c/62e51f51d97477ea4e78c82e7076a171dac86c75"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9e1d2b97f5e2a36a2fd30a8bd30ead9dac5e3a51"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ac10ed9862104936a412f8b475c869e99f048448"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b361598b7352f02456619a6105c7da952ef69f8f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dc5598482e2d3b234f6d72d6f5568e24f603e51a"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38487.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38487"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9f4f9ae81d0affc182f54dd00285ddb90e0b3ae1"},{"fixed":"62e51f51d97477ea4e78c82e7076a171dac86c75"},{"fixed":"9e1d2b97f5e2a36a2fd30a8bd30ead9dac5e3a51"},{"fixed":"166afe964e8433d52c641f5d1c09102bacee9a92"},{"fixed":"dc5598482e2d3b234f6d72d6f5568e24f603e51a"},{"fixed":"329a80adc0e5f815d0514a6d403aaaf0995cd9be"},{"fixed":"b361598b7352f02456619a6105c7da952ef69f8f"},{"fixed":"ac10ed9862104936a412f8b475c869e99f048448"},{"fixed":"56448e78a6bb4e1a8528a0e2efe94eff0400c247"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38487.json"}}],"schema_version":"1.7.5"}