CVE-2025-22066

MEDIUM EPSS 6.2%
Published Apr 16, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 16, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥5.14  –  <5.15.180
linuxlinux_kernel*≥5.16  –  <6.1.134
linuxlinux_kernel*≥6.2  –  <6.6.87
linuxlinux_kernel*≥6.7  –  <6.12.23
linuxlinux_kernel*≥6.13  –  <6.13.11
linuxlinux_kernel*≥6.14  –  <6.14.2

References 8

  • git.kernel.org https://git.kernel.org/stable/c/018e6cf2503e60087747b0ebc190e18b3640766f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/38253922a89a742e7e622f626b41c64388367361
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d8458e48ff135bddc402ad79821dc058ea163d0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/93d34608fd162f725172e780b1c60cc93a920719
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b01700e08be99e3842570142ec5973ccd7e73eaf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd2bbb9564d0d24a2643ad90008a79840368c4b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e283a5bf4337a7300ac5e6ae363cc8b242a0b4b7
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/018e6cf2503e60087747b0ebc190e18b3640766f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/38253922a89a742e7e622f626b41c64388367361
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d8458e48ff135bddc402ad79821dc058ea163d0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/93d34608fd162f725172e780b1c60cc93a920719
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b01700e08be99e3842570142ec5973ccd7e73eaf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd2bbb9564d0d24a2643ad90008a79840368c4b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e283a5bf4337a7300ac5e6ae363cc8b242a0b4b7
    Patch