-
CVE-2025-40338
- EPSS 0.02%
- Veröffentlicht 09.12.2025 04:09:54
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ASoC: Intel: avs: Do not share the name pointer between components
In the Linux kernel, the following vulnerability has been resolved:
ASoC: Intel: avs: Do not share the name pointer between components
By sharing 'name' directly, tearing down components may lead to
use-after-free errors. Duplicate the name to avoid that.
At the same time, update the order of operations - since commit
cee28113db17 ("ASoC: dmaengine_pcm: Allow passing component name via
config") the framework does not override component->name if set before
invoking the initializer.Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
f1b3b320bd6519b16e3480f74f2926d106e3bcba
Version <
128bf29c992988f8b4f3829227339908fde5ec86
Status
affected
Version
f1b3b320bd6519b16e3480f74f2926d106e3bcba
Version <
4dee5c1cc439b0d5ef87f741518268ad6a95b23d
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.19
Status
affected
Version
0
Version <
5.19
Status
unaffected
Version <=
6.17.*
Version
6.17.8
Status
unaffected
Version <=
*
Version
6.18
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.063 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|