1. Home
  2. Vulnerabilities
  3. CVE-2025-40346
0.0
NA
CVE-2025-40346
arch_topology: Fix incorrect error check in topology_parse_cpu_capacity()
Description

In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The current logic uses !PTR_ERR_OR_ZERO(cpu_clk) which evaluates to true for both valid pointers and NULL, leading to potential NULL pointer dereference in clk_get_rate(). Per include/linux/err.h documentation, PTR_ERR_OR_ZERO(ptr) returns: "The error code within @ptr if it is an error pointer; 0 otherwise." This means PTR_ERR_OR_ZERO() returns 0 for both valid pointers AND NULL pointers. Therefore !PTR_ERR_OR_ZERO(cpu_clk) evaluates to true (proceed) when cpu_clk is either valid or NULL, causing clk_get_rate(NULL) to be called when of_clk_get() returns NULL. Replace with !IS_ERR_OR_NULL(cpu_clk) which only proceeds for valid pointers, preventing potential NULL pointer dereference in clk_get_rate().

INFO

Published Date :

Dec. 16, 2025, 2:15 p.m.

Last Modified :

Dec. 16, 2025, 2:15 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2025-40346 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
Solution
Fix NULL pointer dereference by checking for invalid clock pointers correctly.
  • Update the Linux kernel.
  • Ensure correct error checking for clock pointers.
  • Replace PTR_ERR_OR_ZERO with IS_ERR_OR_NULL.
  • Prevent NULL pointer dereferences in clk_get_rate.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-40346.

URL Resource
https://git.kernel.org/stable/c/02fbea0864fd4a863671f5d418129258d7159f68
https://git.kernel.org/stable/c/2eead19334516c8e9927c11b448fbe512b1f18a1
https://git.kernel.org/stable/c/3373f263bb647fcc3b5237cfaef757633b9ee25e
https://git.kernel.org/stable/c/3a01b2614e84361aa222f67bc628593987e5cdb2
https://git.kernel.org/stable/c/45379303124487db3a81219af7565d41f498167f
https://git.kernel.org/stable/c/64da320252e43456cc9ec3055ff567f168467b37
https://git.kernel.org/stable/c/a77f8434954cb1e9c42c3854e40855fdcf5ab235
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-40346 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2025-40346 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-40346 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2025-40346 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 16, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The current logic uses !PTR_ERR_OR_ZERO(cpu_clk) which evaluates to true for both valid pointers and NULL, leading to potential NULL pointer dereference in clk_get_rate(). Per include/linux/err.h documentation, PTR_ERR_OR_ZERO(ptr) returns: "The error code within @ptr if it is an error pointer; 0 otherwise." This means PTR_ERR_OR_ZERO() returns 0 for both valid pointers AND NULL pointers. Therefore !PTR_ERR_OR_ZERO(cpu_clk) evaluates to true (proceed) when cpu_clk is either valid or NULL, causing clk_get_rate(NULL) to be called when of_clk_get() returns NULL. Replace with !IS_ERR_OR_NULL(cpu_clk) which only proceeds for valid pointers, preventing potential NULL pointer dereference in clk_get_rate().
    Added Reference https://git.kernel.org/stable/c/02fbea0864fd4a863671f5d418129258d7159f68
    Added Reference https://git.kernel.org/stable/c/2eead19334516c8e9927c11b448fbe512b1f18a1
    Added Reference https://git.kernel.org/stable/c/3373f263bb647fcc3b5237cfaef757633b9ee25e
    Added Reference https://git.kernel.org/stable/c/3a01b2614e84361aa222f67bc628593987e5cdb2
    Added Reference https://git.kernel.org/stable/c/45379303124487db3a81219af7565d41f498167f
    Added Reference https://git.kernel.org/stable/c/64da320252e43456cc9ec3055ff567f168467b37
    Added Reference https://git.kernel.org/stable/c/a77f8434954cb1e9c42c3854e40855fdcf5ab235
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.