CVE-2025-40224
Linux Kernel 6.15-6.17.5 - Denial of Service via Missing NULL Check in cgbc-hwmon
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() The driver allocates memory for sensor data using devm_kzalloc(), but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL pointer would lead to a kernel crash. Add a NULL pointer check and return -ENOMEM to handle allocation failure properly.
References (2)
Core 2
Scores
EPSS
0.0016
EPSS Percentile
5.7%
Details
Status
published
Products (7)
linux/Kernel
6.15.0 - 6.17.6linux
Linux/Linux
< 6.15
Linux/Linux
08ebc9def79fc0c4dbb6ecc39263006e3f98b750 - 240b82b86a091c1aa49d951d4467425420a081a0
Linux/Linux
08ebc9def79fc0c4dbb6ecc39263006e3f98b750 - a09a5aa8bf258ddc99a22c30f17fe304b96b5350
Linux/Linux
6.15
Linux/Linux
6.17.6 - 6.17.*
Linux/Linux
6.18
Published
Dec 04, 2025
Tracked Since
Feb 18, 2026