CVE-2025-38381

Summary

In the Linux kernel, the following vulnerability has been resolved:

Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt()

The cs40l50_upload_owt() function allocates memory via kmalloc() without checking for allocation failure, which could lead to a NULL pointer dereference.

Return -ENOMEM in case allocation fails.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc38fe1bb5d21c2ce0857965ee06174ee587d6b42 < ea20568895c1122f15b6fc9e8d02c6cbe22964f8affected
LinuxLinuxc38fe1bb5d21c2ce0857965ee06174ee587d6b42 < e87fc697fa4be5164e47cfba4ddd4732499adc60affected
LinuxLinuxc38fe1bb5d21c2ce0857965ee06174ee587d6b42 < 4cf65845fdd09d711fc7546d60c9abe010956922affected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.12.37 <= 6.12.*unaffected
LinuxLinux6.15.6 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References