CVE Catalog

CVE-2025-38125

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

5th percentile - higher than 5% of all known CVEs

Summary

In the Linux kernel, a vulnerability was found in the stmmac driver where the ptp_rate value is not validated before being used in EST configuration. If ptp_rate is 0, a division by zero occurs, potentially causing a system crash.

Risk Assessment

The risk involves a division by zero error that could lead to system hang or crash, especially in environments using Precision Time Protocol (PTP) for network synchronization.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit adding ptp_rate check before EST configuration). Monitor official security advisories from your Linux distribution.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring EST If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigger a division by 0. Prevent this division by 0 by adding the corresponding check and error code.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS