CVE-2025-38693

UNKNOWN 0.0

media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar In w7090p_tuner_write_serpar, msg is controlled by user. When msg[0].buf is null and msg[0].len is zero, former checks on msg[0].buf would be passed. If accessing msg[0].buf[2] without sanity check, null pointer deref would happen. We add check on msg[0].len to prevent crash. Similar commit: commit 0ed554fd769a ("media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()")

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Sep 4, 2025
Last Updated	Apr 18, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

713d54a8bd812229410a1902cd9b332a2a27af9f < 7a41ecfc3415ebe3b4c44f96b3337691dcf431a3 713d54a8bd812229410a1902cd9b332a2a27af9f < ddd1f0e0b6991e4f1b5d08a74de388564b7c4ac6 713d54a8bd812229410a1902cd9b332a2a27af9f < 17b30e5ded062bd74f8ca6f317e1d415a8680665 713d54a8bd812229410a1902cd9b332a2a27af9f < 454a443eaa792c8865c861a282fe6d4f596abc3a 713d54a8bd812229410a1902cd9b332a2a27af9f < 6bbaec6a036940e22318f0454b50b8000845ab59 713d54a8bd812229410a1902cd9b332a2a27af9f < f98132a59ccc59a8b97987363bc99c8968934756 713d54a8bd812229410a1902cd9b332a2a27af9f < 99690a494d91a0dc86cebd628da4c62c40552bcb 713d54a8bd812229410a1902cd9b332a2a27af9f < 39b06b93f24dff923c4183d564ed28c039150554 713d54a8bd812229410a1902cd9b332a2a27af9f < ed0234c8458b3149f15e496b48a1c9874dd24a1b

Linux / Linux

2.6.39

References

NVD ↗ CVE.org ↗ EPSS Data ↗