{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-40060","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.158Z","datePublished":"2025-10-28T11:48:32.775Z","dateUpdated":"2026-05-11T21:41:42.316Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:41:42.316Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: trbe: Return NULL pointer for allocation failures\n\nWhen the TRBE driver fails to allocate a buffer, it currently returns\nthe error code \"-ENOMEM\". However, the caller etm_setup_aux() only\nchecks for a NULL pointer, so it misses the error. As a result, the\ndriver continues and eventually causes a kernel panic.\n\nFix this by returning a NULL pointer from arm_trbe_alloc_buffer() on\nallocation failures. This allows that the callers can properly handle\nthe failure."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hwtracing/coresight/coresight-trbe.c"],"versions":[{"version":"3fbf7f011f2426dac8c982f1d2ef469a7959a524","lessThan":"cef047e0a55cb07906fcaae99170f19a9c0bb6c2","status":"affected","versionType":"git"},{"version":"3fbf7f011f2426dac8c982f1d2ef469a7959a524","lessThan":"fe53a726d5edf864e80b490780cc135fc1adece9","status":"affected","versionType":"git"},{"version":"3fbf7f011f2426dac8c982f1d2ef469a7959a524","lessThan":"9768536f82600a05ce901e31ccfabd92c027ff71","status":"affected","versionType":"git"},{"version":"3fbf7f011f2426dac8c982f1d2ef469a7959a524","lessThan":"296da78494633e1ab5e2e74173a9c8683b04aa6b","status":"affected","versionType":"git"},{"version":"3fbf7f011f2426dac8c982f1d2ef469a7959a524","lessThan":"f505a165f1c7cd37b4cb6952042a5984693a4067","status":"affected","versionType":"git"},{"version":"3fbf7f011f2426dac8c982f1d2ef469a7959a524","lessThan":"8a55c161f7f9c1aa1c70611b39830d51c83ef36d","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hwtracing/coresight/coresight-trbe.c"],"versions":[{"version":"5.13","status":"affected"},{"version":"0","lessThan":"5.13","status":"unaffected","versionType":"semver"},{"version":"5.15.195","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.156","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.112","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.53","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.17.3","lessThanOrEqual":"6.17.*","status":"unaffected","versionType":"semver"},{"version":"6.18","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"5.15.195"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.1.156"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.6.112"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.12.53"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.17.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13","versionEndExcluding":"6.18"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/cef047e0a55cb07906fcaae99170f19a9c0bb6c2"},{"url":"https://git.kernel.org/stable/c/fe53a726d5edf864e80b490780cc135fc1adece9"},{"url":"https://git.kernel.org/stable/c/9768536f82600a05ce901e31ccfabd92c027ff71"},{"url":"https://git.kernel.org/stable/c/296da78494633e1ab5e2e74173a9c8683b04aa6b"},{"url":"https://git.kernel.org/stable/c/f505a165f1c7cd37b4cb6952042a5984693a4067"},{"url":"https://git.kernel.org/stable/c/8a55c161f7f9c1aa1c70611b39830d51c83ef36d"}],"title":"coresight: trbe: Return NULL pointer for allocation failures","x_generator":{"engine":"bippy-1.2.0"}}}}