Null Pointer Dereference in Linux Kernel's PCMCIA Driver
CVE-2025-39755

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 April 2025

Summary

A vulnerability in the Linux kernel's PCMCIA driver occurred due to improper initialization of the pcmcia_driver structure, specifically concerning the .name field. This oversight resulted in a potential NULL pointer dereference during the execution of the strcmp function when registering the driver. The issue exemplified a significant risk, as it could lead to unexpected system behavior or crashes upon driver registration.

Affected Version(s)

Linux e9dc69956d4d9bf4a81d35995ce9229ff5e4cad5 < 7ec50077d7f6647cb6ba3a2a20a6c26f51259c7d

Linux e9dc69956d4d9bf4a81d35995ce9229ff5e4cad5

References

https://git.kernel.org/stable/c/7ec50077d7f6647cb6ba3a2a2...

https://git.kernel.org/stable/c/c82ae06f49e70d1c14ee9c76c...

https://git.kernel.org/stable/c/c1baf6528bcfd6a86842093ff...

Timeline

Vulnerability published
Apr 18, 2025
Vulnerability Reserved
Apr 16, 2025