fkie_cve-2025-39892
Vulnerability from fkie_nvd
Published
2025-10-01 08:15
Modified
2025-10-02 19:12
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: care NULL dirver name on snd_soc_lookup_component_nolocked() soc-generic-dmaengine-pcm.c uses same dev for both CPU and Platform. In such case, CPU component driver might not have driver->name, then snd_soc_lookup_component_nolocked() will be NULL pointer access error. Care NULL driver name. Call trace: strcmp from snd_soc_lookup_component_nolocked+0x64/0xa4 snd_soc_lookup_component_nolocked from snd_soc_unregister_component_by_driver+0x2c/0x44 snd_soc_unregister_component_by_driver from snd_dmaengine_pcm_unregister+0x28/0x64 snd_dmaengine_pcm_unregister from devres_release_all+0x98/0xfc devres_release_all from device_unbind_cleanup+0xc/0x60 device_unbind_cleanup from really_probe+0x220/0x2c8 really_probe from __driver_probe_device+0x88/0x1a0 __driver_probe_device from driver_probe_device+0x30/0x110 driver_probe_device from __driver_attach+0x90/0x178 __driver_attach from bus_for_each_dev+0x7c/0xcc bus_for_each_dev from bus_add_driver+0xcc/0x1ec bus_add_driver from driver_register+0x80/0x11c driver_register from do_one_initcall+0x58/0x23c do_one_initcall from kernel_init_freeable+0x198/0x1f4 kernel_init_freeable from kernel_init+0x1c/0x12c kernel_init from ret_from_fork+0x14/0x28
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/168873ca1799d3f23442b9e79eae55f907b9b126
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1d282dcd46d972be338085ae9e217462b366ce6e
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-core: care NULL dirver name on snd_soc_lookup_component_nolocked()\n\nsoc-generic-dmaengine-pcm.c uses same dev for both CPU and Platform.\nIn such case, CPU component driver might not have driver-\u003ename, then\nsnd_soc_lookup_component_nolocked() will be NULL pointer access error.\nCare NULL driver name.\n\n\tCall trace:\n\t strcmp from snd_soc_lookup_component_nolocked+0x64/0xa4\n\t snd_soc_lookup_component_nolocked from snd_soc_unregister_component_by_driver+0x2c/0x44\n\t snd_soc_unregister_component_by_driver from snd_dmaengine_pcm_unregister+0x28/0x64\n\t snd_dmaengine_pcm_unregister from devres_release_all+0x98/0xfc\n\t devres_release_all from device_unbind_cleanup+0xc/0x60\n\t device_unbind_cleanup from really_probe+0x220/0x2c8\n\t really_probe from __driver_probe_device+0x88/0x1a0\n\t __driver_probe_device from driver_probe_device+0x30/0x110\n\tdriver_probe_device from __driver_attach+0x90/0x178\n\t__driver_attach from bus_for_each_dev+0x7c/0xcc\n\tbus_for_each_dev from bus_add_driver+0xcc/0x1ec\n\tbus_add_driver from driver_register+0x80/0x11c\n\tdriver_register from do_one_initcall+0x58/0x23c\n\tdo_one_initcall from kernel_init_freeable+0x198/0x1f4\n\tkernel_init_freeable from kernel_init+0x1c/0x12c\n\tkernel_init from ret_from_fork+0x14/0x28"
    }
  ],
  "id": "CVE-2025-39892",
  "lastModified": "2025-10-02T19:12:17.160",
  "metrics": {},
  "published": "2025-10-01T08:15:31.733",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/168873ca1799d3f23442b9e79eae55f907b9b126"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1d282dcd46d972be338085ae9e217462b366ce6e"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.