CVE-2025-40193

Summary

In the Linux kernel, the following vulnerability has been resolved:

xtensa: simdisk: add input size check in proc_write_simdisk

A malicious user could pass an arbitrarily bad value to memdup_user_nul(), potentially causing kernel crash.

This follows the same pattern as commit ee76746387f6 ("netdevsim: prevent bad user input in nsim_dev_health_break_write()")

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb6c7e873daf765e41233b9752083b66442703b7a < f40405ccfb87b71175f2d5d004c0b8a0aebcc2cfaffected
LinuxLinuxb6c7e873daf765e41233b9752083b66442703b7a < 151bd88859474cdaccc1e4c8b21fbf72dbba2ab4affected
LinuxLinuxb6c7e873daf765e41233b9752083b66442703b7a < d381de7fd4cdc928ede96987dc64b133e6480dd6affected
LinuxLinuxb6c7e873daf765e41233b9752083b66442703b7a < a0c2c36d864ef3676b05cfd8c58b72ee3214cb1aaffected
LinuxLinuxb6c7e873daf765e41233b9752083b66442703b7a < 5d5f08fd0cd970184376bee07d59f635c8403f63affected
LinuxLinux3.9affected
LinuxLinux0 < 3.9unaffected
LinuxLinux6.1.157 <= 6.1.*unaffected
LinuxLinux6.6.113 <= 6.6.*unaffected
LinuxLinux6.12.54 <= 6.12.*unaffected
LinuxLinux6.17.4 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References