CVE-2025-22095

PCI: brcmstb: Fix error path after a call to regulator_bulk_get()

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to the regulator_bulk_free() will result in a kernel panic. While at it, print the error value, as we cannot return an error upwards as the kernel will WARN() on an error from add_bus(). [kwilczynski: commit log, use comma in the message to match style with other similar messages]

N/A
CVSS
Severity:
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/99a0efba9f903acbdece548862b6b4cbe7d999e1
https://git.kernel.org/stable/c/eedd054834930b8d678f0776cd4b091b8fffbb4a
https://git.kernel.org/stable/c/df63321a40cc98e52313cffbff376b8ae9ceffa7
https://git.kernel.org/stable/c/7842e842a9bf6bd5866c84f588353711d131ab1a
https://git.kernel.org/stable/c/6f44e1fdb006db61394aa4d4c25728ada00842e7
https://git.kernel.org/stable/c/3651ad5249c51cf7eee078e12612557040a6bdb4

Frequently Asked Questions

What is the severity of CVE-2025-22095?
CVE-2025-22095 has not yet been assigned a CVSS score.
How to fix CVE-2025-22095?
To fix CVE-2025-22095, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-22095 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-22095 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-22095?
CVE-2025-22095 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.