{"id":"CVE-2025-40062","summary":"crypto: hisilicon/qm - set NULL to qm-\u003edebug.qm_diff_regs","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - set NULL to qm-\u003edebug.qm_diff_regs\n\nWhen the initialization of qm-\u003edebug.acc_diff_reg fails,\nthe probe process does not exit. However, after qm-\u003edebug.qm_diff_regs is\nfreed, it is not set to NULL. This can lead to a double free when the\nremove process attempts to free it again. Therefore, qm-\u003edebug.qm_diff_regs\nshould be set to NULL after it is freed.","modified":"2026-03-20T12:43:09.925229Z","published":"2025-10-28T11:48:33.961Z","related":["MGASA-2025-0309","MGASA-2025-0310","SUSE-SU-2025:21040-1","SUSE-SU-2025:21052-1","SUSE-SU-2025:21056-1","SUSE-SU-2025:21064-1","SUSE-SU-2025:21080-1","SUSE-SU-2025:21147-1","SUSE-SU-2025:21180-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4128-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4140-1","SUSE-SU-2025:4141-1","SUSE-SU-2025:4301-1","openSUSE-SU-2025:15702-1","openSUSE-SU-2025:20091-1","openSUSE-SU-2026:10301-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40062.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1750f1ec143ebabdbdfa013668665c9d5042c430"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7226a0650ad5705bd8d39a11be270fa21ed1e6a5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a7836260d5121949ba734e840d42a86ab4a32fcc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a87a21a56244b8f4eb357f6bad879247005bbe38"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f0cafb02de883b3b413d34eb079c9680782a9cc1"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40062.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40062"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"eda60520cfe3aba9f088c68ebd5bcbca9fc6ac3c"},{"fixed":"a7836260d5121949ba734e840d42a86ab4a32fcc"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7fc8d9a525b5c3f8dfa5ed50901e764d8ede7e1e"},{"fixed":"1750f1ec143ebabdbdfa013668665c9d5042c430"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8be0913389718e8d27c4f1d4537b5e1b99ed7739"},{"fixed":"a87a21a56244b8f4eb357f6bad879247005bbe38"},{"fixed":"7226a0650ad5705bd8d39a11be270fa21ed1e6a5"},{"fixed":"f0cafb02de883b3b413d34eb079c9680782a9cc1"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"e0a2d2df9ba7bd6bd7e0a9b6a5e3894f7e8445b3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40062.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.156"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.112"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.53"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.10.0"},{"fixed":"6.17.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40062.json"}}],"schema_version":"1.7.5"}