CVE-2025-40015 — Linux vulnerability

6 documents5 sources

Severity

—N/A

No vector

EPSS

0.0%

top 93.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 20

Description

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32_csi_start', 'csidev->s_subdev' is dereferenced directly while assigning a value to the 'src_pad'. However the same value is being checked against NULL at a later point of time indicating that there are chances that the value can be NULL. Move the dereference after the NULL check.

Affected Packages4 packages

▶Linuxlinux/linux_kernel6.15.0 — 6.16.11+1

▶Debianlinux/linux_kernel< 6.16.11-1

▶CVEListV5linux/linuxe7bad98c205d17c745de9d83ebf73e53cbf99d48 — 1f053d82e59c785b2b939cbed12f13657f84b296+3

▶debiandebian/linux< linux 6.16.11-1 (forky)

🔴Vulnerability Details

OSV

CVE-2025-40015: In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32_csi_start', 'csidev-↗2025-10-20

▶

OSV

media: stm32-csi: Fix dereference before NULL check↗2025-10-20

▶

GHSA

GHSA-6ggw-vcg3-gj6g: In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32_csi_start', 'cside↗2025-10-20

▶

📋Vendor Advisories

Red Hat

kernel: media: stm32-csi: Fix dereference before NULL check↗2025-10-20

▶

Debian

CVE-2025-40015: linux - In the Linux kernel, the following vulnerability has been resolved: media: stm3...↗2025

▶