CVE-2025-38070

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38070
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38070.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38070
Downstream
Published
2025-06-18T09:33:47Z
Modified
2025-10-18T01:53:34.270168Z
Summary
ASoC: sma1307: Add NULL check in sma1307_setting_loaded()
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: sma1307: Add NULL check in sma1307settingloaded()

All varibale allocated by kzalloc and devm_kzalloc could be NULL. Multiple pointer checks and their cleanup are added.

This issue is found by our static analysis tool

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
576c57e6b4c1d734bcb7cc33dde9a99a9383b520
Fixed
f8434b8ba437d3f6cbcd9ffe8405bd16ed28fc5c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
576c57e6b4c1d734bcb7cc33dde9a99a9383b520
Fixed
0ec6bd16705fe21d6429d6b8f7981eae2142bba8

Affected versions

v6.*

v6.12
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1
v6.14.2
v6.14.3
v6.14.4
v6.14.5
v6.14.6
v6.14.7
v6.14.8

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "41156468760625971806842602344909871268",
                "202790644468387850363005235974670478710",
                "153100213390203149441509038617761020939",
                "30326043497257311080663499384729360373",
                "189301419089284537015410835553614491179",
                "197228373821783418715742167600462723673",
                "73039149125554110088814357934204746970",
                "165822337237296029810461609194483100529",
                "21433397881865270009341712914059609707",
                "166559515203121652446125966849643446614",
                "233813765717580059750486035854966108599",
                "276710236273611798069250864020475723527",
                "247745004455507873282439920377732102810",
                "299290842224654732002775330301280052933",
                "310102808909224819078002431669911627763",
                "144559459919537037271859056500397274081"
            ]
        },
        "id": "CVE-2025-38070-1cce1d6e",
        "signature_type": "Line",
        "target": {
            "file": "sound/soc/codecs/sma1307.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f8434b8ba437d3f6cbcd9ffe8405bd16ed28fc5c"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "41156468760625971806842602344909871268",
                "202790644468387850363005235974670478710",
                "153100213390203149441509038617761020939",
                "30326043497257311080663499384729360373",
                "189301419089284537015410835553614491179",
                "197228373821783418715742167600462723673",
                "73039149125554110088814357934204746970",
                "165822337237296029810461609194483100529",
                "21433397881865270009341712914059609707",
                "166559515203121652446125966849643446614",
                "233813765717580059750486035854966108599",
                "276710236273611798069250864020475723527",
                "247745004455507873282439920377732102810",
                "299290842224654732002775330301280052933",
                "310102808909224819078002431669911627763",
                "144559459919537037271859056500397274081"
            ]
        },
        "id": "CVE-2025-38070-4a419a44",
        "signature_type": "Line",
        "target": {
            "file": "sound/soc/codecs/sma1307.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0ec6bd16705fe21d6429d6b8f7981eae2142bba8"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 2141.0,
            "function_hash": "150584256978178803280377347686789496374"
        },
        "id": "CVE-2025-38070-5c283092",
        "signature_type": "Function",
        "target": {
            "file": "sound/soc/codecs/sma1307.c",
            "function": "sma1307_setting_loaded"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0ec6bd16705fe21d6429d6b8f7981eae2142bba8"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 2141.0,
            "function_hash": "150584256978178803280377347686789496374"
        },
        "id": "CVE-2025-38070-d29738c8",
        "signature_type": "Function",
        "target": {
            "file": "sound/soc/codecs/sma1307.c",
            "function": "sma1307_setting_loaded"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f8434b8ba437d3f6cbcd9ffe8405bd16ed28fc5c"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.14.9