CVE-2025-40013

In the Linux kernel, the following vulnerability has been resolved:

ASoC: qcom: audioreach: fix potential null pointer dereference

It is possible that the topology parsing function
audioreach_widget_load_module_common() could return NULL or an error
pointer. Add missing NULL check so that we do not dereference it.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.244-1
fixed
bookworm
vulnerable
bookworm (security)
vulnerable
trixie
vulnerable
trixie (security)
vulnerable
forky
vulnerable
sid
6.16.12-2
fixed
References
https://git.kernel.org/stable/c/4dda55d04caac3b4102c26e29b1c27fa35636be3
https://git.kernel.org/stable/c/70e1e5fe9f7e05ff831b56ebc02543e7811b8e18
https://git.kernel.org/stable/c/8318e04ab2526b155773313b66a1542476ce1106
https://git.kernel.org/stable/c/8f9c9fafc0e7a73bbff58954d171c016ddee1734
https://git.kernel.org/stable/c/9c1ad4192f3d2fc85339718a6252cb3337848f7b
https://git.kernel.org/stable/c/ef08ce6304d30b5778035d07b04514cb70839983