CVE-2025-38145
📋 TL;DR
A NULL pointer dereference vulnerability exists in the Linux kernel's aspeed_lpc_enable_snoop() function due to missing NULL check after memory allocation failure. This could cause kernel crashes or denial of service on systems using ASPEED LPC hardware. Affects Linux systems with ASPEED BMC hardware support.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical reboot.
Likely Case
System crash or instability when the specific memory allocation fails during LPC snoop initialization.
If Mitigated
Minor performance impact from additional NULL check with no security impact when patched.
🎯 Exploit Status
Exploitation requires triggering memory allocation failure in specific kernel function, typically requiring local access or hardware manipulation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel commits: 1fd889c145722579aa038c31cbc07cfdd4d75166, 2beee9cf833374550e673d428ad8b6ab37c175b3, 45b2e8b0fdd280aba04c3cc869e9ae500c44e4b7, 8312b1f776f71979bf33bda7acc05b348e8792c7, c550999f939b529d28a914d5034cc4290066aea6
Vendor Advisory: https://git.kernel.org/stable/c/1fd889c145722579aa038c31cbc07cfdd4d75166
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check with your distribution for backported patches. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable ASPEED LPC snoop if not needed
linuxPrevent the vulnerable function from being called by disabling LPC snoop functionality
echo 0 > /sys/class/misc/aspeed-lpc-snoop/device/snoop_enable
🧯 If You Can't Patch
- Restrict local access to systems with ASPEED hardware
- Monitor system logs for kernel panic or oops messages related to aspeed_lpc
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if ASPEED LPC driver is loaded: lsmod | grep aspeed_lpcCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits or check /proc/version for patched kernel📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- NULL pointer dereference in kernel logs
- aspeed_lpc related crash in dmesg
Network Indicators:
- None - local vulnerability only
SIEM Query:
search 'kernel panic' OR 'NULL pointer dereference' AND 'aspeed_lpc' in system logs🔗 References
- https://git.kernel.org/stable/c/1fd889c145722579aa038c31cbc07cfdd4d75166
- https://git.kernel.org/stable/c/2beee9cf833374550e673d428ad8b6ab37c175b3
- https://git.kernel.org/stable/c/45b2e8b0fdd280aba04c3cc869e9ae500c44e4b7
- https://git.kernel.org/stable/c/8312b1f776f71979bf33bda7acc05b348e8792c7
- https://git.kernel.org/stable/c/c550999f939b529d28a914d5034cc4290066aea6
- https://git.kernel.org/stable/c/d62a589eaaec6385e3e2b25cf5a28b4560ace93f
- https://git.kernel.org/stable/c/f1706e0e1a74b095cbc60375b9b1e6205f5f4c98
- https://git.kernel.org/stable/c/f697ef117ecbf3a367dfc559a6a3589905956530
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
