CVE-2025-40033

In the Linux kernel, the following vulnerability has been resolved:

remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable()

pru_rproc_set_ctable() accessed rproc->priv before the IS_ERR_OR_NULL
check, which could lead to a null pointer dereference. Move the pru
assignment, ensuring we never dereference a NULL rproc pointer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bookworm
6.1.148-1
not-affected
bullseye (security)
5.10.244-1
fixed
bookworm (security)
6.1.153-1
fixed
trixie
vulnerable
trixie (security)
vulnerable
forky
vulnerable
sid
vulnerable
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/66821fdb723d55b25482a76b92d17d416efeae6b
https://git.kernel.org/stable/c/c9b6d789591f2bd57b0cbd59592493e11e029ed4
https://git.kernel.org/stable/c/d41e075b077142bb9ae5df40b9ddf9fd7821a811
https://git.kernel.org/stable/c/f0164d89950120281f2446be9687cffa1e43dbcc