CVE-2025-40030

Related CVE by CWE

No closely related CVE found.

Risk snapshot

EPSS: n/a   |   KEV: not listed

Related CVE by CWE

No related CWE found.

Top CVE for Vendor

No vendor taxonomy on this entry.

Recently Exploited Similar Vulnerabilities

No recent KEV-listed items for this vendor/product.

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: check the return value of pinmux_ops::get_function_name()

While the API contract in docs doesn’t specify it explicitly, the
generic implementation of the get_function_name() callback from struct
pinmux_ops – pinmux_generic_get_function_name() – can fail and return
NULL. This is already checked in pinmux_check_ops() so add a similar
check in pinmux_func_name_to_selector() instead of passing the returned
pointer right down to strcmp() where the NULL can get dereferenced. This
is normal operation when adding new pinfunctions.

🧠 Explainer: What this vulnerability means

Summary: The issue in the product by the vendor (CWE: unspecified) may enable attacks.

Impact: Attackers could gain unauthorized access, execute code, or disrupt services.

Mitigation: Until patched, restrict exposure, enforce least privilege, and monitor for suspicious activity.