CVE-2025-40015 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32_csi_start', 'csidev->s_subdev' is dereferenced directly while assigning a value to the 'src_pad'. However the same value is being checked against NULL at a later point of time indicating that there are chances that the value can be NULL. Move the dereference after the NULL check.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1f053d82e59c785b2b939cbed12f13657f84b296
https://git.kernel.org/stable/c/4eeafff163e80d576c5efc1360ae310c0ceedd02
https://git.kernel.org/stable/c/80eaf32672871bd2623ce6ba13ffc1f018756580

History

Mon, 20 Oct 2025 15:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32_csi_start', 'csidev->s_subdev' is dereferenced directly while assigning a value to the 'src_pad'. However the same value is being checked against NULL at a later point of time indicating that there are chances that the value can be NULL. Move the dereference after the NULL check.
Title		media: stm32-csi: Fix dereference before NULL check
References		https://git.kernel.org/stable/c/1f053d82e59c785b2b939cbed12f13657f84b296 https://git.kernel.org/stable/c/4eeafff163e80d576c5efc1360ae310c0ceedd02 https://git.kernel.org/stable/c/80eaf32672871bd2623ce6ba13ffc1f018756580

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-20T15:29:09.728Z

Updated: 2025-10-20T15:29:09.728Z

Reserved: 2025-04-16T07:20:57.151Z

Link: CVE-2025-40015

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-20T16:15:38.250

Modified: 2025-10-20T16:15:38.250

Link: CVE-2025-40015

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-40015", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.151Z", "datePublished": "2025-10-20T15:29:09.728Z", "dateUpdated": "2025-10-20T15:29:09.728Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-20T15:29:09.728Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stm32-csi: Fix dereference before NULL check\n\nIn 'stm32_csi_start', 'csidev->s_subdev' is dereferenced directly while\nassigning a value to the 'src_pad'. However the same value is being\nchecked against NULL at a later point of time indicating that there\nare chances that the value can be NULL.\n\nMove the dereference after the NULL check."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/st/stm32/stm32-csi.c"], "versions": [{"version": "e7bad98c205d17c745de9d83ebf73e53cbf99d48", "lessThan": "1f053d82e59c785b2b939cbed12f13657f84b296", "status": "affected", "versionType": "git"}, {"version": "e7bad98c205d17c745de9d83ebf73e53cbf99d48", "lessThan": "4eeafff163e80d576c5efc1360ae310c0ceedd02", "status": "affected", "versionType": "git"}, {"version": "e7bad98c205d17c745de9d83ebf73e53cbf99d48", "lessThan": "80eaf32672871bd2623ce6ba13ffc1f018756580", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/st/stm32/stm32-csi.c"], "versions": [{"version": "6.15", "status": "affected"}, {"version": "0", "lessThan": "6.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.11", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17.1", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.16.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.17.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.18-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/1f053d82e59c785b2b939cbed12f13657f84b296"}, {"url": "https://git.kernel.org/stable/c/4eeafff163e80d576c5efc1360ae310c0ceedd02"}, {"url": "https://git.kernel.org/stable/c/80eaf32672871bd2623ce6ba13ffc1f018756580"}], "title": "media: stm32-csi: Fix dereference before NULL check", "x_generator": {"engine": "bippy-1.2.0"}}}}