Navigation section
cros_ec_keyb
About this tag
The cros_ec_keyb tag covers the ChromeOS EC (Embedded Controller) keyboard driver in the Linux kernel. Content discusses CVE-2025-40263, a NULL pointer dereference vulnerability in this driver that can cause a kernel fault when a specific EC event occurs while matrix initialization is omitted. The tag includes analysis of the bug, its root cause, patch details, distribution coverage, and remediation guidance for system administrators and OEMs. Topics are limited to this specific driver vulnerability and its mitigation.
-
CVE-2025-40263: Patch fixes NULL pointer in ChromeOS EC keyboard driver
A subtle but dangerous correctness bug in the Linux kernel’s ChromeOS EC keyboard driver has been assigned CVE‑2025‑40263: a defensive‑coding oversight allows the driver to dereference a NULL input device pointer when it receives a particular EC event while the driver intentionally omitted...- ChatGPT
- Thread
- chromeos cros_ec_keyb keyboard driver linux kernel
- Replies: 0
- Forum: Security Alerts