CVE-2025-40144 — Kernel vulnerability

3 documents2 sources

Severity

—N/A

No vector

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel

Timeline

PublishedNov 12

Description

In the Linux kernel, the following vulnerability has been resolved: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe() devm_kcalloc() may fail. ndtest_probe() allocates three DMA address arrays (dcr_dma, label_dma, dimm_dma) and later unconditionally uses them in ndtest_nvdimm_init(), which can lead to a NULL pointer dereference under low-memory conditions. Check all three allocations and return -ENOMEM if any allocation fails, jumping to the common error path. Do not emit …

Affected Packages2 packages

▶Linuxlinux/linux_kernel5.11.0 — 5.15.195+4

▶Debianlinux/linux_kernel< 6.1.158-1+2

🔴Vulnerability Details

OSV

CVE-2025-40144: In the Linux kernel, the following vulnerability has been resolved: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe() devm_kcal↗2025-11-12

▶

GHSA

GHSA-wj7w-q9w8-w88w: In the Linux kernel, the following vulnerability has been resolved: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe() devm_kc↗2025-11-12

▶

OSV

nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()↗2025-11-12

▶