VYPR
Medium severity5.5NVD Advisory· Published Sep 4, 2025· Updated May 12, 2026

CVE-2025-38706

CVE-2025-38706

Description

In the Linux kernel, the following vulnerability has been resolved:

ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()

snd_soc_remove_pcm_runtime() might be called with rtd == NULL which will leads to null pointer dereference. This was reproduced with topology loading and marking a link as ignore due to missing hardware component on the system. On module removal the soc_tplg_remove_link() would call snd_soc_remove_pcm_runtime() with rtd == NULL since the link was ignored, no runtime was created.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

197

Patches

Vulnerability mechanics

References

11

News mentions

1