CVE-2025-40013

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-40013
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40013.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-40013
Downstream
Related
Published
2025-10-20T15:29:09.076Z
Modified
2026-03-12T03:54:29.829163Z
Summary
ASoC: qcom: audioreach: fix potential null pointer dereference
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: qcom: audioreach: fix potential null pointer dereference

It is possible that the topology parsing function audioreachwidgetloadmodulecommon() could return NULL or an error pointer. Add missing NULL check so that we do not dereference it.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40013.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
36ad9bf1d93d66b901342eab9f8ed6c1537655a6
Fixed
9c1ad4192f3d2fc85339718a6252cb3337848f7b
Fixed
70e1e5fe9f7e05ff831b56ebc02543e7811b8e18
Fixed
4dda55d04caac3b4102c26e29b1c27fa35636be3
Fixed
8f9c9fafc0e7a73bbff58954d171c016ddee1734
Fixed
ef08ce6304d30b5778035d07b04514cb70839983
Fixed
8318e04ab2526b155773313b66a1542476ce1106

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40013.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.156
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.110
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.51
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.16.11
Type
ECOSYSTEM
Events
Introduced
6.17.0
Fixed
6.17.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40013.json"