You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 37793
About this tag
CVE-2025-37793 is a Linux kernel vulnerability affecting the Intel ASoC AVS driver. It involves a null-pointer dereference in the avs_component_probe() function due to a missing NULL check on the return value of devm_kasprintf(). This flaw can lead to a kernel crash, resulting in a denial-of-service condition. The vulnerability is local in scope and does not typically enable code execution. It is relevant for systems using the affected kernel drivers and loading the AVS component. Discussions on WindowsForum.com cover the patch details and implications for Linux-based systems.
The Linux kernel fix for CVE-2025-37793 patches a straightforward but real null-pointer dereference in the Intel ASoC AVS driver: a missed NULL check on the return value of devm_kasprintf() inside avs_component_probe() can allow a failed allocation to lead directly to a kernel NULL-dereference...