5.5

CVE-2025-39920

pcmcia: Add error handling for add_interval() in do_validate_mem()

In the Linux kernel, the following vulnerability has been resolved:

pcmcia: Add error handling for add_interval() in do_validate_mem()

In the do_validate_mem(), the call to add_interval() does not
handle errors. If kmalloc() fails in add_interval(), it could
result in a null pointer being inserted into the linked list,
leading to illegal memory access when sub_interval() is called
next.

This patch adds an error handling for the add_interval(). If
add_interval() returns an error, the function will return early
with the error code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.34 < 5.4.299
LinuxLinux Kernel Version >= 5.5 < 5.10.243
LinuxLinux Kernel Version >= 5.11 < 5.15.192
LinuxLinux Kernel Version >= 5.16 < 6.1.151
LinuxLinux Kernel Version >= 6.2 < 6.6.105
LinuxLinux Kernel Version >= 6.7 < 6.12.46
LinuxLinux Kernel Version >= 6.13 < 6.16.6
LinuxLinux Kernel Version6.17 Updaterc1
LinuxLinux Kernel Version6.17 Updaterc2
LinuxLinux Kernel Version6.17 Updaterc3
LinuxLinux Kernel Version6.17 Updaterc4
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.048
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/06b26e3099207c94b3d1be8565aedc6edc4f0a60
Patch
https://git.kernel.org/stable/c/289b58f8ff3198d091074a751d6b8f6827726f3e
Patch
https://git.kernel.org/stable/c/369bf6e241506583f4ee7593c53b92e5a9f271b4
Patch
https://git.kernel.org/stable/c/4a81f78caa53e0633cf311ca1526377d9bff7479
Patch
https://git.kernel.org/stable/c/5b60ed401b47897352c520bc724c85aa908dedcc
Patch
https://git.kernel.org/stable/c/85be7ef8c8e792a414940a38d94565dd48d2f236
Patch
https://git.kernel.org/stable/c/8699358b6ac99b8ccc97ed9e6e3669ef8958ef7b
Patch
https://git.kernel.org/stable/c/ae184024ef31423e5beb44cf4f52999bbcf2fe5b
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List