CVE-2025-38143

devmkasprintf() returns NULL when memory allocation fails. Currently, wledconfigure() does not check for this case, which results in a NULL pointer dereference.

Add NULL check after devm_kasprintf() to prevent this issue.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38143.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f86b77583d88c8402e8d89a339d96f847318f8a8

Fixed

6a56446595730a5e3f06a30902e23cb037d28146

Fixed

9d06ac32c202142da40904180f2669ed4f5073ac

Fixed

21528806560510458378ea52c37e35b0773afaea

Fixed

fde314445332015273c8f51d2659885c606fe135

Fixed

1be2000b703b02e149f8f2061054489f6c18c972

Fixed

4a715be3fe80b68fa55cb3569af3d294be101626

Fixed

e12d3e1624a02706cdd3628bbf5668827214fa33

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38143.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.0.0

Fixed

5.10.239

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.186

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.142

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.94

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.34

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.15.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38143.json"