CVE-2025-40011

Oct. 20, 2025, 4:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null dereference in hdmi teardown pci_set_drvdata sets the value of pdev->driver_data to NULL, after which the driver_data obtained from the same dev is dereferenced in oaktrail_hdmi_i2c_exit, and the i2c_dev is extracted from it. To prevent this, swap these calls. Found by Linux Verification Center (linuxtesting.org) with Svacer.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/02e4ff4941efb9bbb40d8d5b61efa1a4119b1ba7
https://git.kernel.org/stable/c/0fc650fa475b50c1da8236c5e900b9460c7027bc
https://git.kernel.org/stable/c/352e66900cde63f3dadb142364d3c35170bbaaff
https://git.kernel.org/stable/c/4bbfd1b290857b9d14ea9d91562bde55ff2bc85e
https://git.kernel.org/stable/c/6ffa6b5bc861a3ea9dfcdc007f002b4a347c24ba
https://git.kernel.org/stable/c/70b0c11483d3b90b2d0f416026e475e084a77e62
https://git.kernel.org/stable/c/e15de80737d444ed743b1c60ced4a3a97913169b
https://git.kernel.org/stable/c/f800f7054d2cf28b51296c7c575da27c29e3859b

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-10-20
CVE-2025-40011

Timeline

Published: Oct. 20, 2025, 4:15 p.m.
Last Modified: Oct. 20, 2025, 4:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.