SB20251028106 - NULL pointer dereference in Linux kernel bus fsl-mc driver
Published: October 28, 2025
Security Bulletin ID
SB20251028106
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-40029)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fsl_mc_bus_probe() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/25f526507b8ccc6ac3a43bc094d09b1f9b0b90ae
- https://git.kernel.org/stable/c/2ead548473f58c7960b6b939b79503c4a0a2c0bd
- https://git.kernel.org/stable/c/78e87b8a3cf8a59671ea25c87192d16e8d710e1c
- https://git.kernel.org/stable/c/84ec0482ed9c9ed0aee553a5e7e7458ad79c021f
- https://git.kernel.org/stable/c/8a4dd74fe413d4a278e649be1d22d028e1667116
- https://git.kernel.org/stable/c/e60d55692e6c8e951000343c39f3fc92cab57efc