CVE-2025-38125
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk5th percentile - higher than 5% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the stmmac driver where the ptp_rate value is not validated before being used in EST configuration. If ptp_rate is 0, a division by zero occurs, potentially causing a system crash.
Risk Assessment
The risk involves a division by zero error that could lead to system hang or crash, especially in environments using Precision Time Protocol (PTP) for network synchronization.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit adding ptp_rate check before EST configuration). Monitor official security advisories from your Linux distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring EST If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigger a division by 0. Prevent this division by 0 by adding the corresponding check and error code.

