CVE-2025-38381 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt() The cs40l50_upload_owt() function allocates memory via kmalloc() without checking for allocation failure, which could lead to a NULL pointer dereference. Return -ENOMEM in case allocation fails.

PUBLISHED Reserved 2025-04-16 | Published 2025-07-25 | Updated 2025-07-28 | Assigner Linux

Product status

Default status

unaffected

c38fe1bb5d21c2ce0857965ee06174ee587d6b42 (git) before ea20568895c1122f15b6fc9e8d02c6cbe22964f8

affected

c38fe1bb5d21c2ce0857965ee06174ee587d6b42 (git) before e87fc697fa4be5164e47cfba4ddd4732499adc60

affected

c38fe1bb5d21c2ce0857965ee06174ee587d6b42 (git) before 4cf65845fdd09d711fc7546d60c9abe010956922

affected

Default status

affected

6.11

affected

Any version before 6.11

unaffected

6.12.37 (semver)

unaffected

6.15.6 (semver)

unaffected

6.16 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/ea20568895c1122f15b6fc9e8d02c6cbe22964f8

git.kernel.org/...c/e87fc697fa4be5164e47cfba4ddd4732499adc60

git.kernel.org/...c/4cf65845fdd09d711fc7546d60c9abe010956922

cve.org (CVE-2025-38381)

nvd.nist.gov (CVE-2025-38381)

help @ threatint.eu