CVE-2025-40154

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping

When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB access.

This patch corrects the input mapping to the certain default value if an invalid value is passed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < 2c27e047bdcba457ec953f7e90e4ed6d5f8aeb01affected
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < a97b4d18ecb012c5624cdf2cab2ce5e1312fdd5daffected
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < dea9c8c9028c9374761224a7f9d824e845a2aa2eaffected
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < f58fca15f3bf8b982e799c31e4afa8923788aa40affected
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < 29a41bf6422688f0c5a09b18222e1a64b2629fa4affected
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < 5c03ea2ef4ebba75c69c90929d8590eb3d3797a9affected
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < 48880f3cdf2b6d8dcd91219c5b5c8a7526411322affected
LinuxLinux063422ca2a9de238401c3848c1b3641c07b6316c < fba404e4b4af4f4f747bb0e41e9fff7d03c7bcc0affected
LinuxLinux4.18affected
LinuxLinux0 < 4.18unaffected
LinuxLinux5.4.301 <= 5.4.*unaffected
LinuxLinux5.10.246 <= 5.10.*unaffected
LinuxLinux5.15.195 <= 5.15.*unaffected
LinuxLinux6.1.156 <= 6.1.*unaffected
LinuxLinux6.6.112 <= 6.6.*unaffected
LinuxLinux6.12.53 <= 6.12.*unaffected
LinuxLinux6.17.3 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References