CVE-2025-40224

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() The driver allocates memory for sensor data using devm_kzalloc(), but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL pointer would lead to a kernel crash. Add a NULL pointer check and return -ENOMEM to handle allocation failure properly.

References

• https://git.kernel.org/stable/c/240b82b86a091c1aa49d951d4467425420a081a0
• https://git.kernel.org/stable/c/a09a5aa8bf258ddc99a22c30f17fe304b96b5350

FAQ

What is CVE-2025-40224?

CVE-2025-40224 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() The driver allocates memory for sensor data using devm_kzalloc(), ...

How severe is CVE-2025-40224?

CVSS scoring is not yet available for CVE-2025-40224. Check NVD for updates.

Is there a patch for CVE-2025-40224?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.