CVE-2025-40224
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc()
The driver allocates memory for sensor data using devm_kzalloc(), but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL pointer would lead to a kernel crash.
Add a NULL pointer check and return -ENOMEM to handle allocation failure properly.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 08ebc9def79fc0c4dbb6ecc39263006e3f98b750 < 240b82b86a091c1aa49d951d4467425420a081a0 | affected |
| Linux | Linux | 08ebc9def79fc0c4dbb6ecc39263006e3f98b750 < a09a5aa8bf258ddc99a22c30f17fe304b96b5350 | affected |
| Linux | Linux | 6.15 | affected |
| Linux | Linux | 0 < 6.15 | unaffected |
| Linux | Linux | 6.17.6 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/240b82b86a091c1aa49d951d4467425420a081a0
- https://git.kernel.org/stable/c/a09a5aa8bf258ddc99a22c30f17fe304b96b5350
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.