CVE-2025-22095 (GCVE-0-2025-22095)

Vulnerability from cvelistv5 – Published: 2025-04-16 14:12 – Updated: 2025-11-03 19:42
VLAI?
Title
PCI: brcmstb: Fix error path after a call to regulator_bulk_get()
Summary
In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to the regulator_bulk_free() will result in a kernel panic. While at it, print the error value, as we cannot return an error upwards as the kernel will WARN() on an error from add_bus(). [kwilczynski: commit log, use comma in the message to match style with other similar messages]
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 9e6be018b26347c26a93e63fb50a37ee2c9311de , < 99a0efba9f903acbdece548862b6b4cbe7d999e1 (git)
Affected: 9e6be018b26347c26a93e63fb50a37ee2c9311de , < eedd054834930b8d678f0776cd4b091b8fffbb4a (git)
Affected: 9e6be018b26347c26a93e63fb50a37ee2c9311de , < df63321a40cc98e52313cffbff376b8ae9ceffa7 (git)
Affected: 9e6be018b26347c26a93e63fb50a37ee2c9311de , < 7842e842a9bf6bd5866c84f588353711d131ab1a (git)
Affected: 9e6be018b26347c26a93e63fb50a37ee2c9311de , < 6f44e1fdb006db61394aa4d4c25728ada00842e7 (git)
Affected: 9e6be018b26347c26a93e63fb50a37ee2c9311de , < 3651ad5249c51cf7eee078e12612557040a6bdb4 (git)
Create a notification for this product.
    Linux Linux Affected: 6.0
Unaffected: 0 , < 6.0 (semver)
Unaffected: 6.1.134 , ≤ 6.1.* (semver)
Unaffected: 6.6.87 , ≤ 6.6.* (semver)
Unaffected: 6.12.23 , ≤ 6.12.* (semver)
Unaffected: 6.13.11 , ≤ 6.13.* (semver)
Unaffected: 6.14.2 , ≤ 6.14.* (semver)
Unaffected: 6.15 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:42:11.748Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/controller/pcie-brcmstb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "99a0efba9f903acbdece548862b6b4cbe7d999e1",
              "status": "affected",
              "version": "9e6be018b26347c26a93e63fb50a37ee2c9311de",
              "versionType": "git"
            },
            {
              "lessThan": "eedd054834930b8d678f0776cd4b091b8fffbb4a",
              "status": "affected",
              "version": "9e6be018b26347c26a93e63fb50a37ee2c9311de",
              "versionType": "git"
            },
            {
              "lessThan": "df63321a40cc98e52313cffbff376b8ae9ceffa7",
              "status": "affected",
              "version": "9e6be018b26347c26a93e63fb50a37ee2c9311de",
              "versionType": "git"
            },
            {
              "lessThan": "7842e842a9bf6bd5866c84f588353711d131ab1a",
              "status": "affected",
              "version": "9e6be018b26347c26a93e63fb50a37ee2c9311de",
              "versionType": "git"
            },
            {
              "lessThan": "6f44e1fdb006db61394aa4d4c25728ada00842e7",
              "status": "affected",
              "version": "9e6be018b26347c26a93e63fb50a37ee2c9311de",
              "versionType": "git"
            },
            {
              "lessThan": "3651ad5249c51cf7eee078e12612557040a6bdb4",
              "status": "affected",
              "version": "9e6be018b26347c26a93e63fb50a37ee2c9311de",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/controller/pcie-brcmstb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.134",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.87",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.14.*",
              "status": "unaffected",
              "version": "6.14.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.134",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.87",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.23",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.11",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14.2",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-26T05:18:21.435Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/99a0efba9f903acbdece548862b6b4cbe7d999e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/eedd054834930b8d678f0776cd4b091b8fffbb4a"
        },
        {
          "url": "https://git.kernel.org/stable/c/df63321a40cc98e52313cffbff376b8ae9ceffa7"
        },
        {
          "url": "https://git.kernel.org/stable/c/7842e842a9bf6bd5866c84f588353711d131ab1a"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f44e1fdb006db61394aa4d4c25728ada00842e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/3651ad5249c51cf7eee078e12612557040a6bdb4"
        }
      ],
      "title": "PCI: brcmstb: Fix error path after a call to regulator_bulk_get()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-22095",
    "datePublished": "2025-04-16T14:12:46.226Z",
    "dateReserved": "2024-12-29T08:45:45.818Z",
    "dateUpdated": "2025-11-03T19:42:11.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-22095\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-04-16T15:16:03.830\",\"lastModified\":\"2025-11-03T20:17:44.150\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\\n\\nIf the regulator_bulk_get() returns an error and no regulators\\nare created, we need to set their number to zero.\\n\\nIf we don\u0027t do this and the PCIe link up fails, a call to the\\nregulator_bulk_free() will result in a kernel panic.\\n\\nWhile at it, print the error value, as we cannot return an error\\nupwards as the kernel will WARN() on an error from add_bus().\\n\\n[kwilczynski: commit log, use comma in the message to match style with\\nother similar messages]\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PCI: brcmstb: Correcci\u00f3n de la ruta de error tras una llamada a regulator_bulk_get(). Si regulator_bulk_get() devuelve un error y no se crean reguladores, debemos establecer su n\u00famero en cero. Si no lo hacemos y falla la conexi\u00f3n PCIe, una llamada a regulator_bulk_free() provocar\u00e1 un p\u00e1nico del kernel. Mientras tanto, imprima el valor del error, ya que no podemos devolver un error hacia arriba, ya que el kernel emitir\u00e1 una advertencia WARN() en caso de un error de add_bus(). [kwilczynski: registro de confirmaciones, usar coma en el mensaje para que coincida con el estilo de otros mensajes similares]\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndExcluding\":\"6.1.134\",\"matchCriteriaId\":\"8B65B69C-B52B-4CD1-AEB5-C1EBC486B174\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.87\",\"matchCriteriaId\":\"EFF24260-49B1-4251-9477-C564CFDAD25B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.23\",\"matchCriteriaId\":\"26CAB76D-F00F-43CE-BEAD-7097F8FB1D6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.11\",\"matchCriteriaId\":\"E7E864B0-8C00-4679-BA55-659B4C9C3AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.14\",\"versionEndExcluding\":\"6.14.2\",\"matchCriteriaId\":\"FADAE5D8-4808-442C-B218-77B2CE8780A0\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3651ad5249c51cf7eee078e12612557040a6bdb4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6f44e1fdb006db61394aa4d4c25728ada00842e7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7842e842a9bf6bd5866c84f588353711d131ab1a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/99a0efba9f903acbdece548862b6b4cbe7d999e1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/df63321a40cc98e52313cffbff376b8ae9ceffa7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/eedd054834930b8d678f0776cd4b091b8fffbb4a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.