{"id":"CVE-2025-71193","summary":"phy: qcom-qusb2: Fix NULL pointer dereference on early suspend","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom-qusb2: Fix NULL pointer dereference on early suspend\n\nEnabling runtime PM before attaching the QPHY instance as driver data\ncan lead to a NULL pointer dereference in runtime PM callbacks that\nexpect valid driver data. There is a small window where the suspend\ncallback may run after PM runtime enabling and before runtime forbid.\nThis causes a sporadic crash during boot:\n\n```\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000000a1\n[...]\nCPU: 0 UID: 0 PID: 11 Comm: kworker/0:1 Not tainted 6.16.7+ #116 PREEMPT\nWorkqueue: pm pm_runtime_work\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : qusb2_phy_runtime_suspend+0x14/0x1e0 [phy_qcom_qusb2]\nlr : pm_generic_runtime_suspend+0x2c/0x44\n[...]\n```\n\nAttach the QPHY instance as driver data before enabling runtime PM to\nprevent NULL pointer dereference in runtime PM callbacks.\n\nReorder pm_runtime_enable() and pm_runtime_forbid() to prevent a\nshort window where an unnecessary runtime suspend can occur.\n\nUse the devres-managed version to ensure PM runtime is symmetrically\ndisabled during driver removal for proper cleanup.","modified":"2026-04-02T17:30:00.312244Z","published":"2026-02-04T16:04:14.514Z","related":["SUSE-SU-2026:20838-1","SUSE-SU-2026:20931-1","openSUSE-SU-2026:20416-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71193.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1ca52c0983c34fca506921791202ed5bdafd5306"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4ac15caa27ff842b068a54f1c6a8ff8b31f658e7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/beba460a299150b5d8dcbe3474a8f4bdf0205180"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d50a9b7fd07296a1ab81c49ceba14cae3d31df86"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71193.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71193"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"891a96f65ac3b12883ddbc6d1a9adf6e54dc903c"},{"fixed":"beba460a299150b5d8dcbe3474a8f4bdf0205180"},{"fixed":"d50a9b7fd07296a1ab81c49ceba14cae3d31df86"},{"fixed":"4ac15caa27ff842b068a54f1c6a8ff8b31f658e7"},{"fixed":"1ca52c0983c34fca506921791202ed5bdafd5306"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71193.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.17.0"},{"fixed":"6.6.122"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.67"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-71193.json"}}],"schema_version":"1.7.5"}