Home

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() The driver allocates memory for sensor data using devm_kzalloc(), but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL pointer would lead to a kernel crash. Add a NULL pointer check and return -ENOMEM to handle allocation failure properly.

PUBLISHED Reserved 2025-04-16 | Published 2025-12-04 | Updated 2025-12-04 | Assigner Linux

Product status

Default status
unaffected

08ebc9def79fc0c4dbb6ecc39263006e3f98b750 (git) before 240b82b86a091c1aa49d951d4467425420a081a0
affected

08ebc9def79fc0c4dbb6ecc39263006e3f98b750 (git) before a09a5aa8bf258ddc99a22c30f17fe304b96b5350
affected

Default status
affected

6.15
affected

Any version before 6.15
unaffected

6.17.6 (semver)
unaffected

6.18 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/240b82b86a091c1aa49d951d4467425420a081a0

git.kernel.org/...c/a09a5aa8bf258ddc99a22c30f17fe304b96b5350

cve.org (CVE-2025-40224)

nvd.nist.gov (CVE-2025-40224)