-

CVE-2025-40085

EPSS 0.06%
Veröffentlicht 29.10.2025 13:37:04
Zuletzt bearbeitet 30.10.2025 15:03:13
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card

In try_to_register_card(), the return value of usb_ifnum_to_if() is
passed directly to usb_interface_claimed() without a NULL check, which
will lead to a NULL pointer dereference when creating an invalid
USB audio device. Fix this by adding a check to ensure the interface
pointer is valid before passing it to usb_interface_claimed().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 736159f7b296d7a95f7208eb4799639b1f8b16a0

Version 28787ff9fbeaf57684eb64cc33e2ec8ceedf21b5

Status affected

Version < 8d19a7ab28c7b9c207db5c5282afa8cc8595bcdb

Version 39efc9c8a973ddff5918191525d1679d0fb368ea

Status affected

Version < 576312eb436326b44b7010f4d9ae2b698df075ea

Version 39efc9c8a973ddff5918191525d1679d0fb368ea

Status affected

Version < bba7208765d26e5e36b87f21dacc2780b064f41f

Version 39efc9c8a973ddff5918191525d1679d0fb368ea

Status affected

Version < 8503ac1a62075a085402e42a386b5c627c821a51

Version 39efc9c8a973ddff5918191525d1679d0fb368ea

Status affected

Version < 28412b489b088fb88dff488305fd4e56bd47f6e4

Version 39efc9c8a973ddff5918191525d1679d0fb368ea

Status affected

Version 9d4f4dc3cd38e412c29a7626489fe48b79ebbf6c

Status affected

Version 52076a41c128146c9df4a157e972cb17019313b1

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.1

Status affected

Version < 6.1

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.196

Status unaffected

Version <= 6.1.*

Version 6.1.158

Status unaffected

Version <= 6.6.*

Version 6.6.114

Status unaffected

Version <= 6.12.*

Version 6.12.55

Status unaffected

Version <= 6.17.*

Version 6.17.5

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.188

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/736159f7b296d7a95f7208eb4799639b1f8b16a0

https://git.kernel.org/stable/c/8d19a7ab28c7b9c207db5c5282afa8cc8595bcdb

https://git.kernel.org/stable/c/576312eb436326b44b7010f4d9ae2b698df075ea

https://git.kernel.org/stable/c/bba7208765d26e5e36b87f21dacc2780b064f41f

https://git.kernel.org/stable/c/8503ac1a62075a085402e42a386b5c627c821a51

https://git.kernel.org/stable/c/28412b489b088fb88dff488305fd4e56bd47f6e4

https://nvd.nist.gov/vuln/detail/CVE-2025-40085

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40085

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40085

EUVD