CVE-2025-40015

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: stm32-csi: Fix dereference before NULL check

In 'stm32_csi_start', 'csidev->s_subdev' is dereferenced directly while assigning a value to the 'src_pad'. However the same value is being checked against NULL at a later point of time indicating that there are chances that the value can be NULL.

Move the dereference after the NULL check.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe7bad98c205d17c745de9d83ebf73e53cbf99d48 < 1f053d82e59c785b2b939cbed12f13657f84b296affected
LinuxLinuxe7bad98c205d17c745de9d83ebf73e53cbf99d48 < 4eeafff163e80d576c5efc1360ae310c0ceedd02affected
LinuxLinuxe7bad98c205d17c745de9d83ebf73e53cbf99d48 < 80eaf32672871bd2623ce6ba13ffc1f018756580affected
LinuxLinux6.15affected
LinuxLinux0 < 6.15unaffected
LinuxLinux6.16.11 <= 6.16.*unaffected
LinuxLinux6.17.1 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References