CVE-2025-40112

Summary

In the Linux kernel, the following vulnerability has been resolved:

sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara

The referenced commit introduced exception handlers on user-space memory references in copy_from_user and copy_to_user. These handlers return from the respective function and calculate the remaining bytes left to copy using the current register contents. This commit fixes a couple of bad calculations and a broken epilogue in the exception handlers. This will prevent crashes and ensure correct return values of copy_from_user and copy_to_user in the faulting case. The behaviour of memcpy stays unchanged.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < 05440320ea3e249d5f984918f2bf51210c1a7c03affected
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < 7823fc4d8ab5e57f8db7806ff2530c03c166c4bbaffected
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < 37547d8e6eba87507279ee3dfddfd9dc46335454affected
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < a365ee556e45f780ee322b349a06efdad0c1458faffected
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < 8cdeb5e482d3fdce7e825444b6ca3865e24c0228affected
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < a90ce516a73dbe087f9bf3dbf311301a58d125c6affected
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < 088c5098ec6d6b0396edfbf3dad3e81de8469c1caffected
LinuxLinux7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e < 0b67c8fc10b13a9090340c5f8a37d308f4e1571caffected
LinuxLinuxbfc8be6593097cb074d3912ba2f27565cfbb7d6eaffected
LinuxLinuxa15859f9d8396cce7c55ccdb7e75f70f14cbc349affected
LinuxLinux4.4.34 < 4.5affected
LinuxLinux4.8.10 < 4.9affected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux5.4.301 <= 5.4.*unaffected
LinuxLinux5.10.246 <= 5.10.*unaffected
LinuxLinux5.15.195 <= 5.15.*unaffected
LinuxLinux6.1.156 <= 6.1.*unaffected
LinuxLinux6.6.112 <= 6.6.*unaffected
LinuxLinux6.12.53 <= 6.12.*unaffected
LinuxLinux6.17.3 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References