CVE-2025-40224

Dec. 4, 2025, 5:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() The driver allocates memory for sensor data using devm_kzalloc(), but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL pointer would lead to a kernel crash. Add a NULL pointer check and return -ENOMEM to handle allocation failure properly.

Product(s) Impacted

Product Versions
linux_kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/240b82b86a091c1aa49d951d4467425420a081a0
https://git.kernel.org/stable/c/a09a5aa8bf258ddc99a22c30f17fe304b96b5350

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-04
CVE-2025-40224

Timeline

Published: Dec. 4, 2025, 4:16 p.m.
Last Modified: Dec. 4, 2025, 5:15 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.