CVE-2025-37748 iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group

🗓️ 01 May 2025 12:55:54Reported by GoogleType

osv

osv🔗 osv.dev👁 8 Views

Fix for NULL pointer dereference in Linux kernel iommu/mediatek during device group initialization.

Reporter	Title	Published	Views	Family All 190
AstraLinux	Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12	16 Jun 202511:28	–	astralinux
Circl	CVE-2025-37748	1 May 202513:14	–	circl
CNNVD	Linux kernel 安全漏洞	1 May 202500:00	–	cnnvd
CVE	CVE-2025-37748	1 May 202512:55	–	cve
Cvelist	CVE-2025-37748 iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group	1 May 202512:55	–	cvelist
Debian	[SECURITY] [DLA 4193-1] linux-6.1 security update	29 May 202523:01	–	debian
Debian CVE	CVE-2025-37748	1 May 202512:55	–	debiancve
Tenable Nessus	Debian dla-4193 : linux-config-6.1 - security update	29 May 202500:00	–	nessus
Tenable Nessus	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20480)	18 Jul 202500:00	–	nessus
Tenable Nessus	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20530)	19 Aug 202500:00	–	nessus

Source	Link
git	www.git.kernel.org/stable/c/2f75cb27bef43c8692b0f5e471e5632f6a9beb99
git	www.git.kernel.org/stable/c/38e8844005e6068f336a3ad45451a562a0040ca1
git	www.git.kernel.org/stable/c/69f9d2d37d1207c5a73dac52a4ce1361ead707f5
git	www.git.kernel.org/stable/c/6abd09bed43b8d83d461e0fb5b9a200a06aa8a27
git	www.git.kernel.org/stable/c/a0842539e8ef9386c070156103aff888e558a60c
git	www.git.kernel.org/stable/c/ce7d3b2f6f393fa35f0ea12861b83a1ca28b295c
lists	www.lists.debian.org/debian-lts-announce/2025/05/msg00045.html
github	www.github.com/CVEProject/cvelistV5/tree/main/cves/2025/37xxx/CVE-2025-37748.json
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-37748
git	www.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

02 Apr 2026 12:47Current

6Medium risk

Vulners AI Score6

CVSS 3.15.5

EPSS0.00025

linux kernel null pointer iommu device mediatek vulnerability fix driver data initialization.