CVE-2025-40192

Summary

In the Linux kernel, the following vulnerability has been resolved:

Revert "ipmi: fix msg stack when IPMI is disconnected"

This reverts commit c608966f3f9c2dca596967501d00753282b395fc.

This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in a certain way. Apparently certain BMCs do misbehave this way because several reports have come in recently about this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc608966f3f9c2dca596967501d00753282b395fc < f4aab940ae9eb3ba32e5332b35703673f00d7f37affected
LinuxLinuxc608966f3f9c2dca596967501d00753282b395fc < b9cc7155e65f6feca51bfedd543b9bd300e2be2baffected
LinuxLinuxc608966f3f9c2dca596967501d00753282b395fc < 8cf5c24533b8058910fcb83a25a9cf0306383780affected
LinuxLinuxc608966f3f9c2dca596967501d00753282b395fc < 5d09ee1bec870263f4ace439402ea840503b503baffected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.6.113 <= 6.6.*unaffected
LinuxLinux6.12.54 <= 6.12.*unaffected
LinuxLinux6.17.4 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References