CVE-2025-40207

Linux Kernel 6.0.0-6.17.3 - DoS via v4l2_subdev_call_state_try() Allocation Failure

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() v4l2_subdev_call_state_try() macro allocates a subdev state with __v4l2_subdev_state_alloc(), but does not check the returned value. If __v4l2_subdev_state_alloc fails, it returns an ERR_PTR, and that would cause v4l2_subdev_call_state_try() to crash. Add proper error handling to v4l2_subdev_call_state_try().

Scores

EPSS 0.0018
EPSS Percentile 7.9%

Details

Status published
Products (16)
linux/Kernel 6.0.0 - 6.1.157linux
linux/Kernel 6.13.0 - 6.17.4linux
linux/Kernel 6.2.0 - 6.6.113linux
linux/Kernel 6.7.0 - 6.12.54linux
Linux/Linux < 6.0
Linux/Linux 6.0
Linux/Linux 6.1.157 - 6.1.*
Linux/Linux 6.12.54 - 6.12.*
Linux/Linux 6.17.4 - 6.17.*
Linux/Linux 6.18
... and 6 more
Published Nov 12, 2025
Tracked Since Feb 18, 2026