CVE-2025-40162 — Linux vulnerability

15 documents6 sources

Severity

4.0MEDIUM

No vector

EPSS

0.0%

top 94.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedNov 12

Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails devm_kasprintf() may return NULL on memory allocation failure, but the debug message prints cpus->dai_name before checking it. Move the dev_dbg() call after the NULL check to prevent potential NULL pointer dereference.

Affected Packages5 packages

▶Linuxlinux/linux_kernel6.12.0 — 6.12.55+1

▶Debianlinux/linux_kernel< 6.12.57-1+1

▶Ubuntulinux/linux_kernel< 6.17.0-14.14

▶CVEListV5linux/linuxcb8ea62e6402067ba092d4c1d66a9440513a572b — 095d692e5997ece300c89f10d903d5230090e6a0+3

▶debiandebian/linux< linux 6.17.6-1 (forky)

🔴Vulnerability Details

OSV

linux-azure vulnerabilities↗2026-02-24

▶

OSV

linux-oem-6.17 vulnerabilities↗2026-02-17

▶

OSV

linux-aws, linux-oracle vulnerabilities↗2026-02-17

▶

OSV

linux-gcp vulnerabilities↗2026-02-12

▶

OSV

linux, linux-raspi, linux-realtime vulnerabilities↗2026-02-12

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2026-02-17

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-02-12

▶

Ubuntu

Linux kernel vulnerabilities↗2026-02-12

▶

Red Hat

kernel: ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails↗2025-11-12

▶