2414484 – (CVE-2025-40144) CVE-2025-40144 kernel: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()

Bug 2414484 (CVE-2025-40144) - CVE-2025-40144 kernel: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()

Summary: CVE-2025-40144 kernel: nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails...

Keywords:
Status:	NEW
Alias:	CVE-2025-40144
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-11-12 11:02 UTC by OSIDB Bzimport
Modified:	2025-11-21 09:27 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-11-12 11:02:43 UTC

In the Linux kernel, the following vulnerability has been resolved:

nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()

devm_kcalloc() may fail. ndtest_probe() allocates three DMA address
arrays (dcr_dma, label_dma, dimm_dma) and later unconditionally uses
them in ndtest_nvdimm_init(), which can lead to a NULL pointer
dereference under low-memory conditions.

Check all three allocations and return -ENOMEM if any allocation fails,
jumping to the common error path. Do not emit an extra error message
since the allocator already warns on allocation failure.

Comment 1 Alexander B 2025-11-13 15:39:47 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025111256-CVE-2025-40144-f4bd@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.