{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T03:21:00.286","vulnerabilities":[{"cve":{"id":"CVE-2025-40097","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-10-30T10:15:34.173","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix missing pointer check in hda_component_manager_init function\n\nThe __component_match_add function may assign the 'matchptr' pointer\nthe value ERR_PTR(-ENOMEM), which will subsequently be dereferenced.\n\nThe call stack leading to the error looks like this:\n\nhda_component_manager_init\n|-> component_match_add\n    |-> component_match_add_release\n        |-> __component_match_add ( ... ,**matchptr, ... )\n            |-> *matchptr = ERR_PTR(-ENOMEM);       // assign\n|-> component_master_add_with_match( ...  match)\n    |-> component_match_realloc(match, match->num); // dereference\n\nAdd IS_ERR() check to prevent the crash.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/1cf11d80db5df805b538c942269e05a65bcaf5bc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/218a8504e62fc2c8a1fd12523346b7a2b9bd2474","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/47d1b9ca923b55c3f407788f1f15b04957e0e027","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}