CVE-2025-40057

Summary

In the Linux kernel, the following vulnerability has been resolved:

ptp: Add a upper bound on max_vclocks

syzbot reported WARNING in max_vclocks_store.

This occurs when the argument max is too large for kcalloc to handle.

Extend the guard to guard against values that are too large for kcalloc

Affected Software

VendorProductVersion RangeStatus
LinuxLinux73f37068d540eba5f93ba3a0019bf479d35ebd76 < 8dd446056336faa2283d62cefc2f576536845edcaffected
LinuxLinux73f37068d540eba5f93ba3a0019bf479d35ebd76 < 35ce5f163889dbce88eda1df661b357a09bbed87affected
LinuxLinux73f37068d540eba5f93ba3a0019bf479d35ebd76 < e9f35294e18da82162004a2f35976e7031aaf7f9affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux6.12.53 <= 6.12.*unaffected
LinuxLinux6.17.3 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References