CVE-2025-38125 in Linuxinfo

Summary

by MITRE • 07/03/2025

In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: make sure that ptp_rate is not 0 before configuring EST

If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigger a division by 0.

Prevent this division by 0 by adding the corresponding check and error code.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 04/18/2026

The vulnerability identified as CVE-2025-38125 affects the Linux kernel's stmmac network driver implementation, specifically within the Ethernet Switch and Time-sensitive Networking (EST) configuration subsystem. This issue resides in the network stack's handling of Precision Time Protocol (PTP) rate values during the initialization of Ethernet Switch Time-sensitive Networking capabilities. The stmmac driver manages hardware that supports IEEE 802.1Qat time-sensitive networking features, which are critical for real-time communication in industrial and automotive applications where precise timing is essential for coordinated operations.

The technical flaw manifests when the driver retrieves a PTP rate value from previous configuration steps and fails to validate this value before proceeding with EST configuration. When the recorded ptp_rate value equals zero, this invalid parameter propagates through the configuration pipeline directly to the EST subsystem where it triggers a division by zero error during the calculation of time synchronization parameters. This mathematical error occurs because the EST implementation relies on the PTP rate value for determining timing intervals and synchronization calculations, making the zero value fundamentally incompatible with the required mathematical operations. The vulnerability represents a classic case of inadequate input validation and error handling within kernel space network drivers, where malformed configuration data can lead to system instability.

The operational impact of this vulnerability extends beyond simple system crashes or hangs, as it can compromise the reliability of time-sensitive network communications in critical infrastructure environments. When a division by zero occurs in kernel space, it typically results in a kernel panic or system lockup, requiring manual intervention and potentially causing service disruption in industrial control systems, automotive networks, or real-time communication platforms that depend on precise timing coordination. The vulnerability affects systems using stmmac network hardware that supports IEEE 802.1Qat features, particularly those implementing time-sensitive networking for applications such as industrial automation, automotive Ethernet systems, and real-time data acquisition networks where timing precision is paramount.

Mitigation strategies for CVE-2025-38125 focus on implementing proper input validation and error handling within the stmmac driver's EST configuration path. The fix involves adding explicit checks to verify that ptp_rate values are non-zero before proceeding with EST parameter calculations, along with appropriate error code handling to gracefully manage invalid configuration states. This approach aligns with the CWE-369 vulnerability classification for division by zero errors and follows ATT&CK technique T1499.004 for operating system binary exploitation. System administrators should ensure kernel updates are applied immediately, particularly in environments where network timing precision is critical. Additionally, monitoring systems should be configured to detect anomalous network behavior that might indicate the vulnerability's exploitation, and network administrators should verify that PTP rate configurations are properly validated at system initialization to prevent the propagation of invalid timing parameters through the network stack.

Responsible

Linux

Reservation

04/16/2025

Disclosure

07/03/2025

Moderation

accepted

CPE

ready

EPSS

0.00158

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!