PT-2025-16706 · Linux+7 · Linux Kernel+7

Published

2025-04-01

·

Updated

2026-04-20

·

CVE-2025-22066

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the ASoC: imx-card component. The devm kasprintf() function returns NULL when memory allocation fails, but the imx card probe() function does not check for this case, resulting in a NULL pointer dereference. To prevent this issue, a NULL check has been added after devm kasprintf().
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2025-12647
ALT-PU-2025-7195
AZL-61697
BDU:2025-12173
CVE-2025-22066
DLA-4193-1
DSA-5907-1
ECHO-AB22-AE7D-3BD1
MGASA-2025-0142
MGASA-2025-0146
OESA-2025-1446
OESA-2025-1450
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
USN-7591-1
USN-7591-2
USN-7591-3
USN-7591-4
USN-7591-5
USN-7591-6
USN-7592-1
USN-7593-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-7597-1
USN-7597-2
USN-7598-1
USN-7602-1
USN-7605-1
USN-7605-2
USN-7606-1
USN-7628-1
USN-7655-1
USN-7835-1
USN-7835-2
USN-7835-3
USN-7835-4
USN-7835-5
USN-7835-6
USN-7887-1
USN-7887-2
USN-7940-1
USN-7940-2

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu