CVE-2025-23137: cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
Description
In the Linux kernel, the following vulnerability has been resolved:
cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
Check if policy is NULL before dereferencing it in amd_pstate_update.
Classification
CVE ID: CVE-2025-23137
Affected Products
Vendor: Linux
Product: Linux, Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 3.27% (scored less or equal to compared to others)
EPSS Date: 2025-04-18 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-23137https://git.kernel.org/stable/c/b99c1c63d88c75a4dc5487c3696cda38697b8d35
https://git.kernel.org/stable/c/426db24d4db2e4f0d6720aeb7795eafcb9e82640