CVE-2025-40116
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-11-12
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's USB host controller driver max3421-hcd. It involves an error pointer dereference in the probe cleanup process. Specifically, the kthread_run() function can return error pointers, so the max3421_hcd->spi_thread pointer may be an error pointer or NULL. The vulnerability occurs because the code did not properly check for both error pointers and NULL before dereferencing spi_thread, which could lead to a kernel error or crash.
How can this vulnerability impact me? :
If exploited, this vulnerability could cause the Linux kernel to dereference invalid pointers, potentially leading to kernel crashes or instability. This could result in denial of service or system reliability issues on affected systems using the max3421-hcd USB host controller driver.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version where the usb host max3421-hcd driver has the fix for the error pointer dereference in probe cleanup. Specifically, ensure that the kernel includes the check for error pointers and NULL before dereferencing max3421_hcd->spi_thread in the max3421_hcd driver code.