CVE-2025-40132

Published: Nov 12, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback In create_sdw_dailink() check that sof_end->codec_info->add_sidecar is not NULL before calling it. The original code assumed that if include_sidecar is true, the codec on that link has an add_sidecar callback. But there could be other codecs on the same link that do not have an add_sidecar callback.

Vendor	Product	Versions
Linux	Linux	affected `da5244180281a18c4c7859674fec308514aaf629 - < aea038062edfca9c6e5ddcecd4611d5a80113b4e` affected `da5244180281a18c4c7859674fec308514aaf629 - < a5416c0fc9e77b69f853dfb1e78bc05a7c06a789` affected `da5244180281a18c4c7859674fec308514aaf629 - < 87cab86925b7fa4c1c977bc191ac549a3b23f0ea`
Linux	Linux	affected `6.10` unaffected `0 - < 6.10` unaffected `6.12.53 - <= 6.12.` unaffected `6.17.3 - <= 6.17.` unaffected `6.18 - <= *`

References

https://git.kernel.org/stable/c/aea038062edfca9c6e5ddcecd4611d5a80113b4e

https://git.kernel.org/stable/c/a5416c0fc9e77b69f853dfb1e78bc05a7c06a789

https://git.kernel.org/stable/c/87cab86925b7fa4c1c977bc191ac549a3b23f0ea

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40132

Description

Affected Products

References