CVE-2025-40154
Linux Kernel - Out-of-Bounds Access via Invalid Quirk Input Mapping
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB access. This patch corrects the input mapping to the certain default value if an invalid value is passed.
References (8)
Core 8
Core References
Scores
EPSS
0.0019
EPSS Percentile
9.1%
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
Status
published
Products (25)
linux/Kernel
4.18.0 - 5.4.301linux
linux/Kernel
5.11.0 - 5.15.195linux
linux/Kernel
5.16.0 - 6.1.156linux
linux/Kernel
5.5.0 - 5.10.246linux
linux/Kernel
6.13.0 - 6.17.3linux
linux/Kernel
6.2.0 - 6.6.112linux
linux/Kernel
6.7.0 - 6.12.53linux
Linux/Linux
< 4.18
Linux/Linux
063422ca2a9de238401c3848c1b3641c07b6316c - 29a41bf6422688f0c5a09b18222e1a64b2629fa4
Linux/Linux
063422ca2a9de238401c3848c1b3641c07b6316c - 2c27e047bdcba457ec953f7e90e4ed6d5f8aeb01
... and 15 more
Published
Nov 12, 2025
Tracked Since
Feb 18, 2026