CVE-2025-40193
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
xtensa: simdisk: add input size check in proc_write_simdisk
A malicious user could pass an arbitrarily bad value to memdup_user_nul(), potentially causing kernel crash.
This follows the same pattern as commit ee76746387f6 ("netdevsim: prevent bad user input in nsim_dev_health_break_write()")
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | b6c7e873daf765e41233b9752083b66442703b7a < f40405ccfb87b71175f2d5d004c0b8a0aebcc2cf | affected |
| Linux | Linux | b6c7e873daf765e41233b9752083b66442703b7a < 151bd88859474cdaccc1e4c8b21fbf72dbba2ab4 | affected |
| Linux | Linux | b6c7e873daf765e41233b9752083b66442703b7a < d381de7fd4cdc928ede96987dc64b133e6480dd6 | affected |
| Linux | Linux | b6c7e873daf765e41233b9752083b66442703b7a < a0c2c36d864ef3676b05cfd8c58b72ee3214cb1a | affected |
| Linux | Linux | b6c7e873daf765e41233b9752083b66442703b7a < 5d5f08fd0cd970184376bee07d59f635c8403f63 | affected |
| Linux | Linux | 3.9 | affected |
| Linux | Linux | 0 < 3.9 | unaffected |
| Linux | Linux | 6.1.157 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.113 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.54 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.4 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/f40405ccfb87b71175f2d5d004c0b8a0aebcc2cf
- https://git.kernel.org/stable/c/151bd88859474cdaccc1e4c8b21fbf72dbba2ab4
- https://git.kernel.org/stable/c/d381de7fd4cdc928ede96987dc64b133e6480dd6
- https://git.kernel.org/stable/c/a0c2c36d864ef3676b05cfd8c58b72ee3214cb1a
- https://git.kernel.org/stable/c/5d5f08fd0cd970184376bee07d59f635c8403f63
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.