5.5

CVE-2025-38225

media: imx-jpeg: Cleanup after an allocation error

In the Linux kernel, the following vulnerability has been resolved:

media: imx-jpeg: Cleanup after an allocation error

When allocation failures are not cleaned up by the driver, further
allocation errors will be false-positives, which will cause buffers to
remain uninitialized and cause NULL pointer dereferences.
Ensure proper cleanup of failed allocations to prevent these issues.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.13 < 6.1.143
LinuxLinux Kernel Version >= 6.2 < 6.6.95
LinuxLinux Kernel Version >= 6.7 < 6.12.35
LinuxLinux Kernel Version >= 6.13 < 6.15.4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.034
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/ec26be7d6355a05552a0d0c1e73031f83aa4dc7f
Patch
https://git.kernel.org/stable/c/0ee9469f818a0b4de3c0e7aecd733c103820d181
Patch
https://git.kernel.org/stable/c/6d0efe7d35c75394f32ff9d0650a007642d23857
Patch
https://git.kernel.org/stable/c/7500bb9cf164edbb2c8117d57620227b1a4a8369
Patch
https://git.kernel.org/stable/c/b89ff9cf37ff59399f850d5f7781ef78fc37679f
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List