CVE-2025-38583 in Linux

Summary

by MITRE • 08/19/2025

In the Linux kernel, the following vulnerability has been resolved:

clk: xilinx: vcu: unregister pll_post only if registered correctly

If registration of pll_post fails, it will be set to NULL or ERR, and unregistering it will fail with the following call trace:

Unable to handle kernel NULL pointer dereference at virtual address 008
pc : clk_hw_unregister+0xc/0x20
lr : clk_hw_unregister_fixed_factor+0x18/0x30
sp : ffff800011923850
...
Call trace:
 clk_hw_unregister+0xc/0x20
 clk_hw_unregister_fixed_factor+0x18/0x30
 xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]
 xvcu_probe+0x2bc/0x53c [xlnx_vcu]


Analysis

by VulDB Data Team • 01/09/2026

The vulnerability identified as CVE-2025-38583 resides within the Linux kernel's clock subsystem, specifically affecting the Xilinx VCU (Video Codec Unit) driver implementation. This issue manifests as a critical null pointer dereference condition that occurs during the cleanup phase of clock provider unregistration. The flaw represents a classic resource management error where the driver fails to properly validate the registration state of clock hardware components before attempting to unregister them, creating a potential kernel panic scenario that could compromise system stability and availability.

The root cause is improper error handling in the Xilinx VCU driver's clock provider registration logic. When the pll_post clock hardware component fails to register, the pointer is left as either NULL or an error pointer value, yet the subsequent unregistration path does not account for this failure state. As a result, clk_hw_unregister is invoked on a NULL or invalid pointer and the kernel faults on the dereference. The call trace shows the execution path: xvcu_probe calls xvcu_unregister_clock_provider, which calls clk_hw_unregister_fixed_factor, which in turn calls clk_hw_unregister, where the kernel oops occurs.

The operational impact of this vulnerability extends beyond simple system instability, as it represents a potential denial of service vector that could affect embedded systems and server platforms utilizing Xilinx VCU hardware components. Attackers could potentially trigger this condition through malicious device probing or by exploiting system initialization sequences that cause clock registration failures. The vulnerability affects systems running Linux kernels with the xlnx_vcu driver module enabled, particularly those implementing Xilinx Versal or similar video codec processing units. This issue aligns with CWE-476, specifically Null Pointer Dereference, and could potentially be leveraged in privilege escalation scenarios if combined with other kernel vulnerabilities, though the direct impact remains primarily focused on system stability and availability.

Mitigation should prioritize kernel updates from vendors who have patched this issue; the fix validates the registration state of clock hardware before attempting to unregister it. System administrators should ensure that all embedded systems using Xilinx VCU hardware run patched kernel versions that implement proper null pointer checks in the xvcu_unregister_clock_provider function. Monitoring should also be enhanced to detect unusual kernel oops conditions or clock subsystem errors that could indicate exploitation attempts. Organizations should consider implementing runtime checks for clock provider registration states and error handling that prevents unregistration after a failed registration attempt. The relevant ATT&CK techniques are T1068 for privilege escalation and T1499 for endpoint denial of service. The fix typically involves adding conditional checks so that clock hardware components are unregistered only if they were successfully registered, preventing the NULL pointer dereference that leads to kernel crashes and system instability.

Responsible

Linux

Reservation

04/16/2025

Disclosure

08/19/2025

Moderation

accepted

CPE

ready

EPSS

0.00146

KEV

no

Activities

very low
