CVE-2025-40097

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: Fix missing pointer check in hda_component_manager_init function

The __component_match_add function may assign the ‘matchptr’ pointer
the value ERR_PTR(-ENOMEM), which will subsequently be dereferenced.

The call stack leading to the error looks like this:

hda_component_manager_init
|-> component_match_add
|-> component_match_add_release
|-> __component_match_add ( … ,**matchptr, … )
|-> *matchptr = ERR_PTR(-ENOMEM); // assign
|-> component_master_add_with_match( … match)
|-> component_match_realloc(match, match->num); // dereference

Add IS_ERR() check to prevent the crash.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

More information : https://git.kernel.org/stable/c/1cf11d80db5df805b538c942269e05a65bcaf5bc