Input Mapping Vulnerability in Intel ASoC Driver for Linux Kernel
CVE-2025-40154

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
12 November 2025

What is CVE-2025-40154?

A vulnerability in the Intel ASoC driver within the Linux kernel allows for potential out-of-bounds access when invalid values are provided through quirk options. The current handling only generates an error message, failing to remediate the processing flow effectively. This may lead to unexpected behaviors in the system. The recently applied patch rectifies this by ensuring that any invalid input is set to a designated default value, thereby securing the system's integrity.

Affected Version(s)

Linux 063422ca2a9de238401c3848c1b3641c07b6316c < 2c27e047bdcba457ec953f7e90e4ed6d5f8aeb01

Linux 063422ca2a9de238401c3848c1b3641c07b6316c

Linux 063422ca2a9de238401c3848c1b3641c07b6316c

References

https://git.kernel.org/stable/c/2c27e047bdcba457ec953f7e9...
https://git.kernel.org/stable/c/a97b4d18ecb012c5624cdf2ca...
https://git.kernel.org/stable/c/dea9c8c9028c9374761224a7f...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-40154 : Input Mapping Vulnerability in Intel ASoC Driver for Linux Kernel