CVE-2025-40116

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup

The kthread_run() function returns error pointers so the max3421_hcd->spi_thread pointer can be either error pointers or NULL. Check for both before dereferencing it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < 89838fe5c6c010ff8d3924f22afd9c18c5c95310affected
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < 3facf69a735e730ae36387f18780fe420708aa91affected
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < e0e0ce06f3571be9b26790e4df56ba37b1de8543affected
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < 3723c3dda1cc82c9bbca08fcbd46705a361bfd56affected
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < b0439e3762ac9ea580f714e1504a1827d1ad32f5affected
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < e68ea6de1d0551f90d7a2c75f82cb3ebe5e397dcaffected
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < b682ce44bf20ada752a2f6ce70d5a575c56f6a35affected
LinuxLinux05dfa5c9bc37933181b619e42ec0eeb41ef31362 < 186e8f2bdba551f3ae23396caccd452d985c23e3affected
LinuxLinux3.16affected
LinuxLinux0 < 3.16unaffected
LinuxLinux5.4.301 <= 5.4.*unaffected
LinuxLinux5.10.246 <= 5.10.*unaffected
LinuxLinux5.15.195 <= 5.15.*unaffected
LinuxLinux6.1.156 <= 6.1.*unaffected
LinuxLinux6.6.112 <= 6.6.*unaffected
LinuxLinux6.12.53 <= 6.12.*unaffected
LinuxLinux6.17.3 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References