{"id":"CVE-2025-38610","summary":"powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]","modified":"2026-04-16T04:37:14.921023767Z","published":"2025-08-19T17:03:53.255Z","related":["SUSE-SU-2025:03272-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38610.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/27914f2b795e2b58e9506f281dcdd98fef09d3c2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/27e0318f0ea69fcfa32228847debc384ade14578"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2fd001a0075ac01dc64a28a8e21226b3d989a91d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/46dc57406887dd02565cb264224194a6776d882b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8374ac7d69a57d737e701a851ffe980a0d27d3ad"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6ec27091cf5ac05094c1fe3a6ce914cf711a37c"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38610.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38610"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"eb82bace893169b319c563b7f813c58a0a5a9f76"},{"fixed":"27914f2b795e2b58e9506f281dcdd98fef09d3c2"},{"fixed":"c6ec27091cf5ac05094c1fe3a6ce914cf711a37c"},{"fixed":"8374ac7d69a57d737e701a851ffe980a0d27d3ad"},{"fixed":"27e0318f0ea69fcfa32228847debc384ade14578"},{"fixed":"2fd001a0075ac01dc64a28a8e21226b3d989a91d"},{"fixed":"46dc57406887dd02565cb264224194a6776d882b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38610.json"}}],"schema_version":"1.7.5"}