VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 12, 2025· Updated Apr 15, 2026

CVE-2025-40132

CVE-2025-40132

Description

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback

In create_sdw_dailink() check that sof_end->codec_info->add_sidecar is not NULL before calling it.

The original code assumed that if include_sidecar is true, the codec on that link has an add_sidecar callback. But there could be other codecs on the same link that do not have an add_sidecar callback.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A NULL pointer dereference in the Linux kernel's ASoC Intel sof_sdw driver when an add_sidecar callback is missing for a codec on a soundwire link.

Vulnerability

In the Linux kernel's ASoC subsystem, the Intel SoundWire (sof_sdw) driver contains a NULL pointer dereference vulnerability in the create_sdw_dailink() function [1]. The code assumed that if include_sidecar is true, every codec on that SoundWire link has a valid add_sidecar callback pointer. However, other codecs on the same link may not provide this callback, leading to a jump to NULL [1].

Exploitation

An attacker would need to be able to influence the SoundWire topology or device configuration to create a scenario where a codec on a sidecar-included link lacks the add_sidecar callback. This may be triggered by hotplugging a malicious or non-compliant codec, or by manipulating device properties through firmware/ACPI tables. The exploitation is local, requiring some control over the system's audio hardware configuration.

Impact

Calling a NULL function pointer results in a kernel panic (oops), causing a denial of service (DoS). There is no evidence in the source that this can be leveraged for privilege escalation or code execution. The vulnerability affects systems using the Intel SoundWire interface with multiple codecs on a single link.

Mitigation

The fix was committed to the Linux kernel stable tree in commit 87cab86925b7fa4c1c977bc191ac549a3b23f0ea [1]. It adds a NULL check before calling the callback. Users should apply the latest stable kernel updates that include this fix.

References
  1. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

3
aea038062edf
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
a5416c0fc9e7
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
87cab86925b7
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.