CVE-2025-40097

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: Fix missing pointer check in hda_component_manager_init function

The __component_match_add function may assign the 'matchptr' pointer the value ERR_PTR(-ENOMEM), which will subsequently be dereferenced.

The call stack leading to the error looks like this:

hda_component_manager_init |-> component_match_add |-> component_match_add_release |-> __component_match_add ( … ,**matchptr, … ) |-> *matchptr = ERR_PTR(-ENOMEM); // assign |-> component_master_add_with_match( … match) |-> component_match_realloc(match, match->num); // dereference

Add IS_ERR() check to prevent the crash.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxae7abe36e352eddf8e30d3b1ea3fb402514ba13b < 218a8504e62fc2c8a1fd12523346b7a2b9bd2474affected
LinuxLinuxae7abe36e352eddf8e30d3b1ea3fb402514ba13b < 47d1b9ca923b55c3f407788f1f15b04957e0e027affected
LinuxLinuxae7abe36e352eddf8e30d3b1ea3fb402514ba13b < 1cf11d80db5df805b538c942269e05a65bcaf5bcaffected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.12.59 <= 6.12.*unaffected
LinuxLinux6.17.5 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References