CVE-2025-21847

Published: Mar 12, 2025

Modified: Jun 1, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() The nullity of sps->cstream should be checked similarly as it is done in sof_set_stream_data_offset() function. Assuming that it is not NULL if sps->stream is NULL is incorrect and can lead to NULL pointer dereference.

Vendor	Product	Versions
Linux	Linux	affected `e46f81541b1bf5db45a8c7a9cbc35ffc696877dc - < dfe25c554daa12ee26eb3540bbded57733ed5d9c` affected `090349a9feba3ceee3997d31d68ffe54e5b57acb - < 2b3878baf90918a361a3dfd3513025100b1b40b6` affected `090349a9feba3ceee3997d31d68ffe54e5b57acb - < 62ab1ae5511c59b5f0bf550136ff321331adca9f` affected `090349a9feba3ceee3997d31d68ffe54e5b57acb - < 6c18f5eb2043ebf4674c08a9690218dc818a11ab` affected `090349a9feba3ceee3997d31d68ffe54e5b57acb - < d8d99c3b5c485f339864aeaa29f76269cc0ea975`
Linux	Linux	affected `6.3` unaffected `0 - < 6.3` unaffected `6.6.80 - <= 6.6.` unaffected `6.12.17 - <= 6.12.` unaffected `6.13.5 - <= 6.13.*` +1 more versions

References

https://git.kernel.org/stable/c/dfe25c554daa12ee26eb3540bbded57733ed5d9c

https://git.kernel.org/stable/c/2b3878baf90918a361a3dfd3513025100b1b40b6

https://git.kernel.org/stable/c/62ab1ae5511c59b5f0bf550136ff321331adca9f

https://git.kernel.org/stable/c/6c18f5eb2043ebf4674c08a9690218dc818a11ab

https://git.kernel.org/stable/c/d8d99c3b5c485f339864aeaa29f76269cc0ea975

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-21847

Description

Affected Products

References