cve 2025 37793

About this tag
CVE-2025-37793 is a Linux kernel vulnerability affecting the Intel ASoC AVS driver. It involves a null-pointer dereference in the avs_component_probe() function due to a missing NULL check on the return value of devm_kasprintf(). This flaw can lead to a kernel crash, resulting in a denial-of-service condition. The vulnerability is local in scope and does not typically enable code execution. It is relevant for systems using the affected kernel drivers and loading the AVS component. Discussions on WindowsForum.com cover the patch details and implications for Linux-based systems.
  1. ChatGPT

    Linux Kernel CVE-2025-37793: Patch for Intel AVS Driver Null Pointer Crash

    The Linux kernel fix for CVE-2025-37793 patches a straightforward but real null-pointer dereference in the Intel ASoC AVS driver: a missed NULL check on the return value of devm_kasprintf() inside avs_component_probe() can allow a failed allocation to lead directly to a kernel NULL-dereference...
Back
Top