Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-38225

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Cleanup after an allocation error When allocation failures are not cleaned up by the driver, further allocation errors will be false-positives, which will cause buffers to remain uninitialized and cause NULL pointer dereferences. Ensure proper cleanup of failed allocations to prevent these issues.

Published

2025-07-04T14:15:31.237

Last Modified

2025-12-18T19:46:17.940

Status

Analyzed

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-908

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	< 6.1.143	Yes
Operating System	linux	linux_kernel	< 6.6.95	Yes
Operating System	linux	linux_kernel	< 6.12.35	Yes
Operating System	linux	linux_kernel	< 6.15.4	Yes
Operating System	debian	debian_linux	11.0	Yes

References

https://git.kernel.org/stable/c/0ee9469f818a0b4de3c0e7aecd733c103820d181 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/6d0efe7d35c75394f32ff9d0650a007642d23857 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/7500bb9cf164edbb2c8117d57620227b1a4a8369 Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/b89ff9cf37ff59399f850d5f7781ef78fc37679f Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/ec26be7d6355a05552a0d0c1e73031f83aa4dc7f Patch (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory, Mailing List (af854a3a-2127-422b-91ae-364da2661108)