CVE-2025-40085

29.10.2025, 14:15

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card

In try_to_register_card(), the return value of usb_ifnum_to_if() is
passed directly to usb_interface_claimed() without a NULL check, which
will lead to a NULL pointer dereference when creating an invalid
USB audio device. Fix this by adding a check to ensure the interface
pointer is valid before passing it to usb_interface_claimed().

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.244-1 fixed
bookworm	vulnerable
bookworm (security)	vulnerable
trixie	vulnerable
trixie (security)	vulnerable
forky	vulnerable
sid	vulnerable

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.
Published: 2025-10-29T23:00:00+00:00

References

https://git.kernel.org/stable/c/28412b489b088fb88dff488305fd4e56bd47f6e4

https://git.kernel.org/stable/c/576312eb436326b44b7010f4d9ae2b698df075ea

https://git.kernel.org/stable/c/736159f7b296d7a95f7208eb4799639b1f8b16a0

https://git.kernel.org/stable/c/8503ac1a62075a085402e42a386b5c627c821a51

https://git.kernel.org/stable/c/8d19a7ab28c7b9c207db5c5282afa8cc8595bcdb

https://git.kernel.org/stable/c/bba7208765d26e5e36b87f21dacc2780b064f41f