CVE-2025-40162

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-40162
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40162.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-40162
Downstream
Related
Published
2025-11-12T10:26:22.883Z
Modified
2026-03-20T12:43:12.087186Z
Summary
ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf() fails

devmkasprintf() may return NULL on memory allocation failure, but the debug message prints cpus->dainame before checking it. Move the dev_dbg() call after the NULL check to prevent potential NULL pointer dereference.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40162.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cb8ea62e6402067ba092d4c1d66a9440513a572b
Fixed
095d692e5997ece300c89f10d903d5230090e6a0
Fixed
a1cccbd19676fc36854535a7118ba2c27d0b84b3
Fixed
5726b68473f7153a7f6294185e5998b7e2a230a2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40162.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.55
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.17.5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40162.json"