PT-2025-42782 · Linux+4 · Linux Kernel+4

Published

2025-08-25

·

Updated

2026-05-07

·

CVE-2025-40013

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description A flaw exists in the Linux kernel's ASoC Qcom Audioreach module where the audioreach widget load module common() function may return NULL or an error pointer. A missing NULL check could lead to a null pointer dereference.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-13578
CVE-2025-40013
DLA-4379-1
DSA-6053-1
ECHO-CCD9-0FA1-C10A
MGASA-2025-0309
MGASA-2025-0310
OPENSUSE-SU-2025:15671-1
OPENSUSE-SU-2025:20091-1
OPENSUSE-SU-2026:10301-1
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:21080-1
SUSE-SU-2025:21147-1
SUSE-SU-2025:21180-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linux Kernel
Linuxmint
Suse
Ubuntu