[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-39938":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":84,"related":85,"reserved_at":9,"published_at":102,"modified_at":103,"state":104,"summary":105,"references_raw":114,"kevs":137,"epss":138,"epss_history":141,"metrics":410,"affected":416},"CVE-2025-39938","In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed\n\nIf earlier opening of source graph fails (e.g. ADSP rejects due to\nincorrect audioreach topology), the graph is closed and\n\"dai_data->graph[dai->id]\" is assigned NULL.  Preparing the DAI for sink\ngraph continues though and next call to q6apm_lpass_dai_prepare()\nreceives dai_data->graph[dai->id]=NULL leading to NULL pointer\nexception:\n\n  qcom-apm gprsvc:service:2:1: Error (1) Processing 0x01001002 cmd\n  qcom-apm gprsvc:service:2:1: DSP returned error[1001002] 1\n  q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: fail to start APM port 78\n  q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: ASoC: error at snd_soc_pcm_dai_prepare on TX_CODEC_DMA_TX_3: -22\n  Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a8\n  ...\n  Call trace:\n   q6apm_graph_media_format_pcm+0x48/0x120 (P)\n   q6apm_lpass_dai_prepare+0x110/0x1b4\n   snd_soc_pcm_dai_prepare+0x74/0x108\n   __soc_pcm_prepare+0x44/0x160\n   dpcm_be_dai_prepare+0x124/0x1c0",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-476","NULL Pointer Dereference","The product dereferences a pointer that it expects to be valid but is NULL.","weakness","Stable","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82],{"_key":25},"DLA-4379-1",{"_key":27},"DSA-6053-1",{"_key":29},"SUSE-SU-2025:4057-1",{"_key":31},"SUSE-SU-2025:4132-1",{"_key":33},"SUSE-SU-2025:4128-1",{"_key":35},"SUSE-SU-2025:4301-1",{"_key":37},"SUSE-SU-2025:21040-1",{"_key":39},"SUSE-SU-2025:21052-1",{"_key":41},"SUSE-SU-2025:21056-1",{"_key":43},"SUSE-SU-2025:21064-1",{"_key":45},"SUSE-SU-2025:21074-1",{"_key":47},"SUSE-SU-2025:21139-1",{"_key":49},"SUSE-SU-2025:21179-1",{"_key":51},"SUSE-SU-2025:4141-1",{"_key":53},"SUSE-SU-2025:4140-1",{"_key":55},"OPENSUSE-SU-2025:20081-1",{"_key":57},"MGASA-2025-0309",{"_key":59},"MGASA-2025-0310",{"_key":61},"DEBIAN-CVE-2025-39938",{"_key":63},"USN-8095-1",{"_key":65},"USN-8095-2",{"_key":67},"USN-8095-3",{"_key":69},"USN-8095-4",{"_key":71},"USN-8095-5",{"_key":73},"USN-8100-1",{"_key":75},"USN-8125-1",{"_key":77},"USN-8165-1",{"_key":79},"USN-8126-1",{"_key":81},"UBUNTU-CVE-2025-39938",{"_key":83},"USN-8261-1",[],[86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101],{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},"2025-10-04T07:31:01.736Z","2026-05-11T21:39:19.660Z","Analyzed",{"cisa_kev":106,"cisa_ransomware":106,"cisa_vendor":9,"epss_severity":107,"epss_score":108,"severity":109,"severity_score":110,"severity_version":111,"severity_source":112,"severity_vector":113,"severity_status":104},false,"low",0.00024,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[115,121,125,129,133],{"url":116,"sources":117,"tags":119},"https://git.kernel.org/stable/c/01d1ba106c9e02a2e7d41e07be49031a0ff0ecaa",[118,112],"cve.org",[120],"Patch",{"url":122,"sources":123,"tags":124},"https://git.kernel.org/stable/c/411f7d4f7038200cdf6d4f71ee31026ebf2dfedb",[118,112],[120],{"url":126,"sources":127,"tags":128},"https://git.kernel.org/stable/c/9c534dbfd1726502abcf0bd393a04214f62c050b",[118,112],[120],{"url":130,"sources":131,"tags":132},"https://git.kernel.org/stable/c/cc336b242ea7e7a09b3ab9f885341455ca0a3bdb",[118,112],[120],{"url":134,"sources":135,"tags":136},"https://git.kernel.org/stable/c/68f27f7c7708183e7873c585ded2f1b057ac5b97",[118,112],[120],[],{"date":139,"score":108,"percentile":140},"2026-06-03",0.07175,[142,145,149,152,155,158,160,163,166,169,172,175,178,181,184,187,190,193,196,199,202,205,208,212,214,218,221,224,227,230,233,236,239,242,245,248,251,254,258,261,264,267,270,273,276,279,282,285,287,290,293,296,299,302,305,308,311,314,317,319,321,324,327,330,333,336,339,342,345,348,350,353,356,359,362,365,367,370,373,376,379,382,386,389,392,395,398,401,404,407],{"date":143,"score":108,"percentile":144},"2025-11-04",0.04944,{"date":146,"score":147,"percentile":148},"2025-11-05",0.00026,0.05746,{"date":150,"score":147,"percentile":151},"2025-11-06",0.05863,{"date":153,"score":147,"percentile":154},"2025-11-07",0.05875,{"date":156,"score":147,"percentile":157},"2025-11-08",0.05881,{"date":159,"score":147,"percentile":154},"2025-11-09",{"date":161,"score":147,"percentile":162},"2025-11-10",0.05852,{"date":164,"score":147,"percentile":165},"2025-11-11",0.0588,{"date":167,"score":147,"percentile":168},"2025-11-12",0.05928,{"date":170,"score":147,"percentile":171},"2025-11-13",0.05963,{"date":173,"score":147,"percentile":174},"2025-11-14",0.05995,{"date":176,"score":147,"percentile":177},"2025-11-15",0.06022,{"date":179,"score":147,"percentile":180},"2025-11-16",0.06045,{"date":182,"score":147,"percentile":183},"2025-11-17",0.06033,{"date":185,"score":147,"percentile":186},"2025-11-18",0.03598,{"date":188,"score":147,"percentile":189},"2025-11-19",0.03648,{"date":191,"score":147,"percentile":192},"2025-11-20",0.03715,{"date":194,"score":147,"percentile":195},"2025-11-21",0.06153,{"date":197,"score":147,"percentile":198},"2025-11-22",0.06102,{"date":200,"score":147,"percentile":201},"2025-11-23",0.06092,{"date":203,"score":147,"percentile":204},"2025-11-24",0.06071,{"date":206,"score":147,"percentile":207},"2025-11-25",0.06059,{"date":209,"score":210,"percentile":211},"2025-11-26",0.00045,0.13414,{"date":213,"score":210,"percentile":211},"2025-11-27",{"date":215,"score":216,"percentile":217},"2025-11-28",0.00037,0.10637,{"date":219,"score":216,"percentile":220},"2025-11-29",0.10624,{"date":222,"score":216,"percentile":223},"2025-11-30",0.10629,{"date":225,"score":216,"percentile":226},"2025-12-01",0.10671,{"date":228,"score":216,"percentile":229},"2025-12-02",0.10678,{"date":231,"score":216,"percentile":232},"2025-12-03",0.10692,{"date":234,"score":216,"percentile":235},"2025-12-04",0.10669,{"date":237,"score":216,"percentile":238},"2025-12-05",0.10695,{"date":240,"score":216,"percentile":241},"2025-12-06",0.10704,{"date":243,"score":216,"percentile":244},"2025-12-07",0.10697,{"date":246,"score":216,"percentile":247},"2025-12-08",0.10703,{"date":249,"score":216,"percentile":250},"2025-12-09",0.10752,{"date":252,"score":216,"percentile":253},"2025-12-10",0.10813,{"date":255,"score":256,"percentile":257},"2025-12-11",0.00039,0.11533,{"date":259,"score":256,"percentile":260},"2025-12-12",0.11562,{"date":262,"score":256,"percentile":263},"2025-12-13",0.11572,{"date":265,"score":256,"percentile":266},"2025-12-14",0.11564,{"date":268,"score":256,"percentile":269},"2025-12-15",0.11514,{"date":271,"score":256,"percentile":272},"2025-12-16",0.11507,{"date":274,"score":256,"percentile":275},"2025-12-17",0.11592,{"date":277,"score":256,"percentile":278},"2025-12-18",0.11639,{"date":280,"score":256,"percentile":281},"2025-12-19",0.11656,{"date":283,"score":256,"percentile":284},"2025-12-20",0.11657,{"date":286,"score":256,"percentile":278},"2025-12-21",{"date":288,"score":256,"percentile":289},"2025-12-22",0.11606,{"date":291,"score":256,"percentile":292},"2025-12-23",0.11605,{"date":294,"score":256,"percentile":295},"2025-12-24",0.11619,{"date":297,"score":256,"percentile":298},"2025-12-25",0.11687,{"date":300,"score":256,"percentile":301},"2025-12-26",0.11669,{"date":303,"score":256,"percentile":304},"2025-12-27",0.11684,{"date":306,"score":256,"percentile":307},"2025-12-28",0.11662,{"date":309,"score":256,"percentile":310},"2025-12-29",0.11611,{"date":312,"score":256,"percentile":313},"2025-12-30",0.11587,{"date":315,"score":256,"percentile":316},"2025-12-31",0.1163,{"date":318,"score":256,"percentile":301},"2026-01-01",{"date":320,"score":256,"percentile":284},"2026-01-02",{"date":322,"score":256,"percentile":323},"2026-01-03",0.11618,{"date":325,"score":256,"percentile":326},"2026-01-04",0.11548,{"date":328,"score":256,"percentile":329},"2026-01-05",0.1151,{"date":331,"score":256,"percentile":332},"2026-01-06",0.11519,{"date":334,"score":256,"percentile":335},"2026-01-07",0.11555,{"date":337,"score":256,"percentile":338},"2026-01-08",0.11603,{"date":340,"score":256,"percentile":341},"2026-01-09",0.11631,{"date":343,"score":256,"percentile":344},"2026-01-10",0.1164,{"date":346,"score":256,"percentile":347},"2026-01-11",0.11612,{"date":349,"score":256,"percentile":313},"2026-01-12",{"date":351,"score":256,"percentile":352},"2026-01-13",0.11561,{"date":354,"score":256,"percentile":355},"2026-01-14",0.11614,{"date":357,"score":256,"percentile":358},"2026-01-15",0.11617,{"date":360,"score":256,"percentile":361},"2026-01-16",0.11658,{"date":363,"score":256,"percentile":364},"2026-01-17",0.11665,{"date":366,"score":256,"percentile":347},"2026-01-18",{"date":368,"score":256,"percentile":369},"2026-01-19",0.11547,{"date":371,"score":256,"percentile":372},"2026-01-20",0.11528,{"date":374,"score":256,"percentile":375},"2026-01-21",0.11509,{"date":377,"score":256,"percentile":378},"2026-01-22",0.11495,{"date":380,"score":256,"percentile":381},"2026-01-23",0.11583,{"date":383,"score":384,"percentile":385},"2026-01-24",0.00025,0.06365,{"date":387,"score":384,"percentile":388},"2026-01-25",0.06314,{"date":390,"score":384,"percentile":391},"2026-01-26",0.06299,{"date":393,"score":384,"percentile":394},"2026-01-27",0.06283,{"date":396,"score":384,"percentile":397},"2026-01-28",0.06256,{"date":399,"score":384,"percentile":400},"2026-01-29",0.06254,{"date":402,"score":384,"percentile":403},"2026-01-30",0.06259,{"date":405,"score":384,"percentile":406},"2026-01-31",0.06244,{"date":408,"score":384,"percentile":409},"2026-02-01",0.06284,[411],{"source":112,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":412,"cvss_v4_0":9},{"baseScore":110,"baseSeverity":413,"vectorString":113,"impactScore":414,"exploitabilityScore":415},"MEDIUM",6,4.6,[417,443],{"ecosystem":9,"name":418,"vendor":419,"product":419,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"Linux","linux","a",[422,429,432,435,438,441],{"version":423,"is_range":424,"range_type":118,"version_start":425,"version_start_type":426,"version_end":427,"version_end_type":428,"fixed_in":9},">= 30ad723b93ade607a678698e5947a55a4375c3a1, \u003C 01d1ba106c9e02a2e7d41e07be49031a0ff0ecaa",true,"30ad723b93ade607a678698e5947a55a4375c3a1","including","01d1ba106c9e02a2e7d41e07be49031a0ff0ecaa","excluding",{"version":430,"is_range":424,"range_type":118,"version_start":425,"version_start_type":426,"version_end":431,"version_end_type":428,"fixed_in":9},">= 30ad723b93ade607a678698e5947a55a4375c3a1, \u003C 411f7d4f7038200cdf6d4f71ee31026ebf2dfedb","411f7d4f7038200cdf6d4f71ee31026ebf2dfedb",{"version":433,"is_range":424,"range_type":118,"version_start":425,"version_start_type":426,"version_end":434,"version_end_type":428,"fixed_in":9},">= 30ad723b93ade607a678698e5947a55a4375c3a1, \u003C 9c534dbfd1726502abcf0bd393a04214f62c050b","9c534dbfd1726502abcf0bd393a04214f62c050b",{"version":436,"is_range":424,"range_type":118,"version_start":425,"version_start_type":426,"version_end":437,"version_end_type":428,"fixed_in":9},">= 30ad723b93ade607a678698e5947a55a4375c3a1, \u003C cc336b242ea7e7a09b3ab9f885341455ca0a3bdb","cc336b242ea7e7a09b3ab9f885341455ca0a3bdb",{"version":439,"is_range":424,"range_type":118,"version_start":425,"version_start_type":426,"version_end":440,"version_end_type":428,"fixed_in":9},">= 30ad723b93ade607a678698e5947a55a4375c3a1, \u003C 68f27f7c7708183e7873c585ded2f1b057ac5b97","68f27f7c7708183e7873c585ded2f1b057ac5b97",{"version":442,"is_range":106,"range_type":118,"version_start":442,"version_start_type":426,"version_end":442,"version_end_type":426,"fixed_in":9},"5.16",{"ecosystem":9,"name":444,"vendor":419,"product":445,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":447},"linux kernel","linux_kernel","o",[448,452,456,460,464,466,468,470,472,474],{"version":449,"is_range":424,"range_type":450,"version_start":442,"version_start_type":426,"version_end":451,"version_end_type":428,"fixed_in":9},"gte5.16_lt6.1.154","cpe","6.1.154",{"version":453,"is_range":424,"range_type":450,"version_start":454,"version_start_type":426,"version_end":455,"version_end_type":428,"fixed_in":9},"gte6.2_lt6.6.108","6.2","6.6.108",{"version":457,"is_range":424,"range_type":450,"version_start":458,"version_start_type":426,"version_end":459,"version_end_type":428,"fixed_in":9},"gte6.7_lt6.12.49","6.7","6.12.49",{"version":461,"is_range":424,"range_type":450,"version_start":462,"version_start_type":426,"version_end":463,"version_end_type":428,"fixed_in":9},"gte6.13_lt6.16.9","6.13","6.16.9",{"version":465,"is_range":106,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc1",{"version":467,"is_range":106,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc2",{"version":469,"is_range":106,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc3",{"version":471,"is_range":106,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc4",{"version":473,"is_range":106,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc5",{"version":475,"is_range":106,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.17:rc6"]