CVE-2025-40207
Linux Kernel 6.0.0-6.17.3 - DoS via v4l2_subdev_call_state_try() Allocation Failure
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() v4l2_subdev_call_state_try() macro allocates a subdev state with __v4l2_subdev_state_alloc(), but does not check the returned value. If __v4l2_subdev_state_alloc fails, it returns an ERR_PTR, and that would cause v4l2_subdev_call_state_try() to crash. Add proper error handling to v4l2_subdev_call_state_try().
References (5)
Core 5
Core References
Scores
EPSS
0.0018
EPSS Percentile
7.9%
Details
Status
published
Products (16)
linux/Kernel
6.0.0 - 6.1.157linux
linux/Kernel
6.13.0 - 6.17.4linux
linux/Kernel
6.2.0 - 6.6.113linux
linux/Kernel
6.7.0 - 6.12.54linux
Linux/Linux
< 6.0
Linux/Linux
6.0
Linux/Linux
6.1.157 - 6.1.*
Linux/Linux
6.12.54 - 6.12.*
Linux/Linux
6.17.4 - 6.17.*
Linux/Linux
6.18
... and 6 more
Published
Nov 12, 2025
Tracked Since
Feb 18, 2026