CVE-2025-40011

Linux Kernel - Null Pointer Dereference in DRM GMA500 HDMI Teardown

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null dereference in hdmi teardown pci_set_drvdata sets the value of pdev->driver_data to NULL, after which the driver_data obtained from the same dev is dereferenced in oaktrail_hdmi_i2c_exit, and the i2c_dev is extracted from it. To prevent this, swap these calls. Found by Linux Verification Center (linuxtesting.org) with Svacer.

Scores

EPSS 0.0024
EPSS Percentile 15.2%

Details

Status published
Products (25)
linux/Kernel 3.3.0 - 5.4.300linux
linux/Kernel 5.11.0 - 5.15.194linux
linux/Kernel 5.16.0 - 6.1.155linux
linux/Kernel 5.5.0 - 5.10.245linux
linux/Kernel 6.13.0 - 6.16.10linux
linux/Kernel 6.2.0 - 6.6.109linux
linux/Kernel 6.7.0 - 6.12.50linux
Linux/Linux < 3.3
Linux/Linux 1b082ccf5901108d3acd860a73d8c0442556c0bb - 02e4ff4941efb9bbb40d8d5b61efa1a4119b1ba7
Linux/Linux 1b082ccf5901108d3acd860a73d8c0442556c0bb - 0fc650fa475b50c1da8236c5e900b9460c7027bc
... and 15 more
Published Oct 20, 2025
Tracked Since Feb 18, 2026