CVE-2025-40045

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: codecs: wcd937x: set the comp soundwire port correctly

For some reason we endup with setting soundwire port for HPHL_COMP and HPHR_COMP as zero, this can potentially result in a memory corruption due to accessing and setting -1 th element of port_map array.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux82be8c62a38c6a44e64ecb29d7a9b5cb35c6cad4 < abcd537aae3b84c6d10ad147e99a204bcb56b234affected
LinuxLinux82be8c62a38c6a44e64ecb29d7a9b5cb35c6cad4 < 1a1ca38392e7e896075afc8905ddaea525ed30f7affected
LinuxLinux82be8c62a38c6a44e64ecb29d7a9b5cb35c6cad4 < 66a940b1bf48a7095162688332d725ba160154ebaffected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.12.53 <= 6.12.*unaffected
LinuxLinux6.17.3 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References