-

CVE-2025-40060

EPSS 0.06%
Veröffentlicht 28.10.2025 11:48:32
Zuletzt bearbeitet 30.10.2025 15:05:32
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

coresight: trbe: Return NULL pointer for allocation failures

When the TRBE driver fails to allocate a buffer, it currently returns
the error code "-ENOMEM". However, the caller etm_setup_aux() only
checks for a NULL pointer, so it misses the error. As a result, the
driver continues and eventually causes a kernel panic.

Fix this by returning a NULL pointer from arm_trbe_alloc_buffer() on
allocation failures. This allows that the callers can properly handle
the failure.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < cef047e0a55cb07906fcaae99170f19a9c0bb6c2

Version 3fbf7f011f2426dac8c982f1d2ef469a7959a524

Status affected

Version < fe53a726d5edf864e80b490780cc135fc1adece9

Version 3fbf7f011f2426dac8c982f1d2ef469a7959a524

Status affected

Version < 9768536f82600a05ce901e31ccfabd92c027ff71

Version 3fbf7f011f2426dac8c982f1d2ef469a7959a524

Status affected

Version < 296da78494633e1ab5e2e74173a9c8683b04aa6b

Version 3fbf7f011f2426dac8c982f1d2ef469a7959a524

Status affected

Version < f505a165f1c7cd37b4cb6952042a5984693a4067

Version 3fbf7f011f2426dac8c982f1d2ef469a7959a524

Status affected

Version < 8a55c161f7f9c1aa1c70611b39830d51c83ef36d

Version 3fbf7f011f2426dac8c982f1d2ef469a7959a524

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.13

Status affected

Version < 5.13

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.195

Status unaffected

Version <= 6.1.*

Version 6.1.156

Status unaffected

Version <= 6.6.*

Version 6.6.112

Status unaffected

Version <= 6.12.*

Version 6.12.53

Status unaffected

Version <= 6.17.*

Version 6.17.3

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.188

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/cef047e0a55cb07906fcaae99170f19a9c0bb6c2

https://git.kernel.org/stable/c/fe53a726d5edf864e80b490780cc135fc1adece9

https://git.kernel.org/stable/c/9768536f82600a05ce901e31ccfabd92c027ff71

https://git.kernel.org/stable/c/296da78494633e1ab5e2e74173a9c8683b04aa6b

https://git.kernel.org/stable/c/f505a165f1c7cd37b4cb6952042a5984693a4067

https://git.kernel.org/stable/c/8a55c161f7f9c1aa1c70611b39830d51c83ef36d

https://nvd.nist.gov/vuln/detail/CVE-2025-40060

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40060

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40060

EUVD