CVE-2025-40097

UNKNOWN 0.0

ALSA: hda: Fix missing pointer check in hda_component_manager_init function

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hda_component_manager_init function The __component_match_add function may assign the 'matchptr' pointer the value ERR_PTR(-ENOMEM), which will subsequently be dereferenced. The call stack leading to the error looks like this: hda_component_manager_init |-> component_match_add |-> component_match_add_release |-> __component_match_add ( ... ,**matchptr, ... ) |-> *matchptr = ERR_PTR(-ENOMEM); // assign |-> component_master_add_with_match( ... match) |-> component_match_realloc(match, match->num); // dereference Add IS_ERR() check to prevent the crash. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Oct 30, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

ae7abe36e352eddf8e30d3b1ea3fb402514ba13b < 218a8504e62fc2c8a1fd12523346b7a2b9bd2474 ae7abe36e352eddf8e30d3b1ea3fb402514ba13b < 47d1b9ca923b55c3f407788f1f15b04957e0e027 ae7abe36e352eddf8e30d3b1ea3fb402514ba13b < 1cf11d80db5df805b538c942269e05a65bcaf5bc

Linux / Linux

5.17

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/218a8504e62fc2c8a1fd12523346b7a2b9bd2474 git.kernel.org: https://git.kernel.org/stable/c/47d1b9ca923b55c3f407788f1f15b04957e0e027 git.kernel.org: https://git.kernel.org/stable/c/1cf11d80db5df805b538c942269e05a65bcaf5bc