CVE-2025-40085
Linux Kernel NULL Pointer Dereference in try_to_register_card
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card In try_to_register_card(), the return value of usb_ifnum_to_if() is passed directly to usb_interface_claimed() without a NULL check, which will lead to a NULL pointer dereference when creating an invalid USB audio device. Fix this by adding a check to ensure the interface pointer is valid before passing it to usb_interface_claimed().
References (6)
Core 6
Core References
Scores
EPSS
0.0019
EPSS Percentile
8.6%
Details
Status
published
Products (24)
linux/Kernel
< 5.15.196linux
linux/Kernel
5.16.0 - 6.1.158linux
linux/Kernel
6.1.0 - 6.6.114linux
linux/Kernel
6.2.0 - 6.12.55linux
linux/Kernel
6.7.0 - 6.17.5linux
Linux/Linux
< 6.1
Linux/Linux
28787ff9fbeaf57684eb64cc33e2ec8ceedf21b5 - 736159f7b296d7a95f7208eb4799639b1f8b16a0
Linux/Linux
39efc9c8a973ddff5918191525d1679d0fb368ea - 28412b489b088fb88dff488305fd4e56bd47f6e4
Linux/Linux
39efc9c8a973ddff5918191525d1679d0fb368ea - 576312eb436326b44b7010f4d9ae2b698df075ea
Linux/Linux
39efc9c8a973ddff5918191525d1679d0fb368ea - 8503ac1a62075a085402e42a386b5c627c821a51
... and 14 more
Published
Oct 29, 2025
Tracked Since
Feb 18, 2026