Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-22066

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue.

Published

2025-04-16T15:16:00.810

Last Modified

2025-11-03T20:17:41.547

Status

Modified

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-476
Type: Secondary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 5.15.180	Yes
Operating System	linux	linux_kernel	< 6.1.134	Yes
Operating System	linux	linux_kernel	< 6.6.87	Yes
Operating System	linux	linux_kernel	< 6.12.23	Yes
Operating System	linux	linux_kernel	< 6.13.11	Yes
Operating System	linux	linux_kernel	< 6.14.2	Yes

References

https://git.kernel.org/stable/c/018e6cf2503e60087747b0ebc190e18b3640766f Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/38253922a89a742e7e622f626b41c64388367361 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/4d8458e48ff135bddc402ad79821dc058ea163d0 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/93d34608fd162f725172e780b1c60cc93a920719 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/b01700e08be99e3842570142ec5973ccd7e73eaf Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/dd2bbb9564d0d24a2643ad90008a79840368c4b4 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/e283a5bf4337a7300ac5e6ae363cc8b242a0b4b7 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html (af854a3a-2127-422b-91ae-364da2661108)