CVE-2025-40207

v4l2subdevcallstatetry() macro allocates a subdev state with __v4l2subdevstate_alloc(), but does not check the returned value. If __v4l2subdevstatealloc fails, it returns an ERRPTR, and that would cause v4l2subdevcallstatetry() to crash.

Add proper error handling to v4l2subdevcallstatetry().

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40207.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

982c0487185bd466059ff618f398a8d074ddb654

Fixed

5b0057459cdc243ffb35617603142dcace09c711

Fixed

ed30811fbed40751deb952bde534aa2632dc0bf7

Fixed

94e6336dc1f06a06f5b4cd04d4a012bba34f2857

Fixed

a553530b3314a0bdc98cf114cdbe204551a70a00

Fixed

f37df9a0eb5e43fcfe02cbaef076123dc0d79c7e

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40207.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.0.0

Fixed

6.1.157

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.113

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.54

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40207.json"