5.5

CVE-2025-38706

ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()

In the Linux kernel, the following vulnerability has been resolved:

ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()

snd_soc_remove_pcm_runtime() might be called with rtd == NULL which will
leads to null pointer dereference.
This was reproduced with topology loading and marking a link as ignore
due to missing hardware component on the system.
On module removal the soc_tplg_remove_link() would call
snd_soc_remove_pcm_runtime() with rtd == NULL since the link was ignored,
no runtime was created.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.6 < 5.10.241
LinuxLinux Kernel Version >= 5.11 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.1.149
LinuxLinux Kernel Version >= 6.2 < 6.6.103
LinuxLinux Kernel Version >= 6.7 < 6.12.43
LinuxLinux Kernel Version >= 6.13 < 6.15.11
LinuxLinux Kernel Version >= 6.16 < 6.16.2
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.075
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/8b465bedc2b417fd27c1d1ab7122882b4b60b1a0
Patch
https://git.kernel.org/stable/c/82ba7b8cf9f6e3bf392a9f08ba3d1c0b200ccb94
Patch
https://git.kernel.org/stable/c/7f8fc03712194fd4e2df28af7f7f7a38205934ef
Patch
https://git.kernel.org/stable/c/41f53afe53a57a7c50323f99424b598190acf192
Patch
https://git.kernel.org/stable/c/2fce20decc6a83f16dd73744150c4e7ea6c97c21
Patch
https://git.kernel.org/stable/c/cecc65827ef3df9754e097582d89569139e6cd1e
Patch
https://git.kernel.org/stable/c/7ce0a7255ce97ed7c54afae83fdbce712a1f0c9e
Patch
https://git.kernel.org/stable/c/2d91cb261cac6d885954b8f5da28b5c176c18131
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
https://cert-portal.siemens.com/productcert/html/ssa-032379.html