#VU117738 NULL pointer dereference in Linux kernel - CVE-2025-40029
Published: October 28, 2025
Vulnerability identifier: #VU117738
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-40029
CWE-ID: CWE-476
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fsl_mc_bus_probe() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/25f526507b8ccc6ac3a43bc094d09b1f9b0b90ae
- https://git.kernel.org/stable/c/2ead548473f58c7960b6b939b79503c4a0a2c0bd
- https://git.kernel.org/stable/c/78e87b8a3cf8a59671ea25c87192d16e8d710e1c
- https://git.kernel.org/stable/c/84ec0482ed9c9ed0aee553a5e7e7458ad79c021f
- https://git.kernel.org/stable/c/8a4dd74fe413d4a278e649be1d22d028e1667116
- https://git.kernel.org/stable/c/e60d55692e6c8e951000343c39f3fc92cab57efc