{"id":"CVE-2025-40317","summary":"regmap: slimbus: fix bus_context pointer in regmap init calls","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: slimbus: fix bus_context pointer in regmap init calls\n\nCommit 4e65bda8273c (\"ASoC: wcd934x: fix error handling in\nwcd934x_codec_parse_data()\") revealed the problem in the slimbus regmap.\nThat commit breaks audio playback, for instance, on sdm845 Thundercomm\nDragonboard 845c board:\n\n Unable to handle kernel paging request at virtual address ffff8000847cbad4\n ...\n CPU: 5 UID: 0 PID: 776 Comm: aplay Not tainted 6.18.0-rc1-00028-g7ea30958b305 #11 PREEMPT\n Hardware name: Thundercomm Dragonboard 845c (DT)\n ...\n Call trace:\n  slim_xfer_msg+0x24/0x1ac [slimbus] (P)\n  slim_read+0x48/0x74 [slimbus]\n  regmap_slimbus_read+0x18/0x24 [regmap_slimbus]\n  _regmap_raw_read+0xe8/0x174\n  _regmap_bus_read+0x44/0x80\n  _regmap_read+0x60/0xd8\n  _regmap_update_bits+0xf4/0x140\n  _regmap_select_page+0xa8/0x124\n  _regmap_raw_write_impl+0x3b8/0x65c\n  _regmap_bus_raw_write+0x60/0x80\n  _regmap_write+0x58/0xc0\n  regmap_write+0x4c/0x80\n  wcd934x_hw_params+0x494/0x8b8 [snd_soc_wcd934x]\n  snd_soc_dai_hw_params+0x3c/0x7c [snd_soc_core]\n  __soc_pcm_hw_params+0x22c/0x634 [snd_soc_core]\n  dpcm_be_dai_hw_params+0x1d4/0x38c [snd_soc_core]\n  dpcm_fe_dai_hw_params+0x9c/0x17c [snd_soc_core]\n  snd_pcm_hw_params+0x124/0x464 [snd_pcm]\n  snd_pcm_common_ioctl+0x110c/0x1820 [snd_pcm]\n  snd_pcm_ioctl+0x34/0x4c [snd_pcm]\n  __arm64_sys_ioctl+0xac/0x104\n  invoke_syscall+0x48/0x104\n  el0_svc_common.constprop.0+0x40/0xe0\n  do_el0_svc+0x1c/0x28\n  el0_svc+0x34/0xec\n  el0t_64_sync_handler+0xa0/0xf0\n  el0t_64_sync+0x198/0x19c\n\nThe __devm_regmap_init_slimbus() started to be used instead of\n__regmap_init_slimbus() after the commit mentioned above and turns out\nthe incorrect bus_context pointer (3rd argument) was used in\n__devm_regmap_init_slimbus(). It should be just \"slimbus\" (which is equal\nto &slimbus-\u003edev). Correct it. The wcd934x codec seems to be the only or\nthe first user of devm_regmap_init_slimbus() but we should fix it till\nthe point where __devm_regmap_init_slimbus() was introduced therefore\ntwo \"Fixes\" tags.\n\nWhile at this, also correct the same argument in __regmap_init_slimbus().","modified":"2026-03-31T17:29:59.421812648Z","published":"2025-12-08T00:46:44.287Z","related":["MGASA-2026-0017","MGASA-2026-0018","SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:20207-1","SUSE-SU-2026:20220-1","SUSE-SU-2026:20228-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20145-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40317.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/02d3041caaa3fe4dd69e5a8afd1ac6b918ddc6a1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2664bfd8969d1c43dcbe3ea313f130dfa6b74f4c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/434f7349a1f00618a620b316f091bd13a12bc8d2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8143e4075d131c528540417a51966f6697be14eb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a16e92f8d7dc7371e68f17a9926cb92d2244be7b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b65f3303349eaee333e47d2a99045aa12fa0c3a7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c0f05129e5734ff3fd14b2c242709314d9ca5433"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d979639f099c6e51f06ce4dd8d8e56364d6c17ba"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40317.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40317"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7d6f7fb053ad543da74119df3c4cd7bb46220471"},{"fixed":"c0f05129e5734ff3fd14b2c242709314d9ca5433"},{"fixed":"02d3041caaa3fe4dd69e5a8afd1ac6b918ddc6a1"},{"fixed":"d979639f099c6e51f06ce4dd8d8e56364d6c17ba"},{"fixed":"8143e4075d131c528540417a51966f6697be14eb"},{"fixed":"2664bfd8969d1c43dcbe3ea313f130dfa6b74f4c"},{"fixed":"a16e92f8d7dc7371e68f17a9926cb92d2244be7b"},{"fixed":"b65f3303349eaee333e47d2a99045aa12fa0c3a7"},{"fixed":"434f7349a1f00618a620b316f091bd13a12bc8d2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40317.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.16.0"},{"fixed":"5.4.302"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.247"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.197"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.159"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.117"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.58"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.8"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40317.json"}}],"schema_version":"1.7.5"}