VDB
DEBIAN-CVE-2025-40144
DEBIAN-CVE-2025-40144
REJECTED
In the Linux kernel, the following vulnerability has been resolved: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe() devm_kcalloc() may fail. ndtest_probe() allocates three DMA address arrays (dcr_dma, label_dma, dimm_dma) and later unconditionally uses them in ndtest_nvdimm_init(), which can lead to a NULL pointer dereference under low-memory conditions. Check all three allocations and return -ENOMEM if any allocation fails, jumping to the common error path. Do not emit an extra error message since the allocator already warns on allocation failure.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | linux | 6.1.140-1, 0, 6.1.106-3 |
| Debian:13 | linux | 6.12.48-1, 6.12.57-1, 6.12.43-1~bpo12+1 |
| Debian:14 | linux | 6.16, 6.17.5-1, * |
| Debian | linux |
Exploit Intelligence
- 4081.3.7.yml (github-poc)
- CVE-2025-40144.json (github-poc)
Timeline
- Nov 21, 2025 CVE Rejected