CVE-2025-38265

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> serial: jsm: fix NPE during jsm_uart_port_init<br /> <br /> No device was set which caused serial_base_ctrl_add to crash.<br /> <br /> BUG: kernel NULL pointer dereference, address: 0000000000000050<br /> Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI<br /> CPU: 16 UID: 0 PID: 368 Comm: (udev-worker) Not tainted 6.12.25-amd64 #1 Debian 6.12.25-1<br /> RIP: 0010:serial_base_ctrl_add+0x96/0x120<br /> Call Trace:<br /> <br /> serial_core_register_port+0x1a0/0x580<br /> ? __setup_irq+0x39c/0x660<br /> ? __kmalloc_cache_noprof+0x111/0x310<br /> jsm_uart_port_init+0xe8/0x180 [jsm]<br /> jsm_probe_one+0x1f4/0x410 [jsm]<br /> local_pci_probe+0x42/0x90<br /> pci_device_probe+0x22f/0x270<br /> really_probe+0xdb/0x340<br /> ? pm_runtime_barrier+0x54/0x90<br /> ? __pfx___driver_attach+0x10/0x10<br /> __driver_probe_device+0x78/0x110<br /> driver_probe_device+0x1f/0xa0<br /> __driver_attach+0xba/0x1c0<br /> bus_for_each_dev+0x8c/0xe0<br /> bus_add_driver+0x112/0x1f0<br /> driver_register+0x72/0xd0<br /> jsm_init_module+0x36/0xff0 [jsm]<br /> ? __pfx_jsm_init_module+0x10/0x10 [jsm]<br /> do_one_initcall+0x58/0x310<br /> do_init_module+0x60/0x230<br /> <br /> Tested with Digi Neo PCIe 8 port card.