CVE-2025-40116
Linux Kernel - Null Pointer Dereference in max3421-hcd Probe Cleanup
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthread_run() function returns error pointers so the max3421_hcd->spi_thread pointer can be either error pointers or NULL. Check for both before dereferencing it.
References (8)
Core 8
Core References
Scores
EPSS
0.0021
EPSS Percentile
10.8%
Details
Status
published
Products (25)
linux/Kernel
3.16.0 - 5.4.301linux
linux/Kernel
5.11.0 - 5.15.195linux
linux/Kernel
5.16.0 - 6.1.156linux
linux/Kernel
5.5.0 - 5.10.246linux
linux/Kernel
6.13.0 - 6.17.3linux
linux/Kernel
6.2.0 - 6.6.112linux
linux/Kernel
6.7.0 - 6.12.53linux
Linux/Linux
< 3.16
Linux/Linux
05dfa5c9bc37933181b619e42ec0eeb41ef31362 - 186e8f2bdba551f3ae23396caccd452d985c23e3
Linux/Linux
05dfa5c9bc37933181b619e42ec0eeb41ef31362 - 3723c3dda1cc82c9bbca08fcbd46705a361bfd56
... and 15 more
Published
Nov 12, 2025
Tracked Since
Feb 18, 2026