DEBIAN-CVE-2025-40162

DEBIAN-CVE-2025-40162 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails devm_kasprintf() may return NULL on memory allocation failure, but the debug message prints cpus->dai_name before checking it. Move the dev_dbg() call after the NULL check to prevent potential NULL pointer dereference.

Affected Products

Vendor	Product	Versions
Debian:13	linux	0, 6.12.38-1, 6.12.41-1
Debian:14	linux	6.12.74-2, 6.12.74-2~bpo12+1, 6.13.10-1~exp1

Timeline

Nov 12, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-40162 advisory

Open in Interactive Console →