Wind River Support Network

HomeDefectsLIN1021-15278
Acknowledged

LIN1021-15278 : Security Advisory - linux - CVE-2025-39728

Created: Apr 20, 2025    Updated: Jun 17, 2025
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

clk: samsung: Fix UBSAN panic in samsung_clk_init()

With UBSAN_ARRAY_BOUNDS=y, I'm hitting the below panic due to
dereferencing `ctx->clk_data.hws` before setting
`ctx->clk_data.num = nr_clks`. Move that up to fix the crash.

  UBSAN: array index out of bounds: 00000000f2005512 #1] PREEMPT SMP
  <snip>
  Call trace:
   samsung_clk_init+0x110/0x124 (P)
   samsung_clk_init+0x48/0x124 (L)
   samsung_cmu_register_one+0x3c/0xa0
   exynos_arm64_register_cmu+0x54/0x64
   __gs101_cmu_top_of_clk_init_declare+0x28/0x60
   ...

CREATE(Triage):(User=admin) [CVE-2025-39728 (https://nvd.nist.gov/vuln/detail/CVE-2025-39728)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube