CVEFinder.io

CVE-2025-39954

🔶 medium
Summary

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset was left out of the .recalc_rate readback function. This causes the clock rate to become bogus or even zero (possibly due to the P divider being 1, leading to a divide-by-zero). Fix this by incorporating the P divider offset into the calculation.

CVSS Score
5.5
Medium
EPSS Score
0.0
Exploit Probability
Published Date
2025-10-09
First Seen: 2026-01-05
Last Modified 2026-02-03
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE IDs (Weakness Types)
CWE-369

🔗 References 2

https://git.kernel.org/stable/c/25fbbaf515acd1339958...
Patch
https://git.kernel.org/stable/c/40108f69c372af3aea73...
Patch

📦 Affected Products 5

Vendor Product Status Affected Versions
linux linux_kernel Affected
> 6.15 < 6.16.9
linux linux_kernel Affected
v6.17
linux linux Affected
≥ 45717804b75eda8a76eacc04509ca4d68dd2caaf < 25fbbaf515acd13399589bd5ee6de5f35740cef2
linux linux Affected
≥ 45717804b75eda8a76eacc04509ca4d68dd2caaf < 40108f69c372af3aea73e7829d6849a44638d662
linux linux Affected
v6.15

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-68338 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized ksz_i... 2025-12-23
CVE-2025-68339 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200e_op... 2025-12-23
CVE-2025-68340 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of te... 2025-12-23
CVE-2025-68341 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP no_direct return section to fix ra... 2025-12-23
CVE-2025-68342 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check ... 2025-12-23
CVE-2025-68343 🔶 medium - 0.0 In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check ... 2025-12-23
These CVEs affect the same products