CVE-2025-40253

Summary

In the Linux kernel, the following vulnerability has been resolved:

s390/ctcm: Fix double-kfree

The function 'mpc_rcvd_sweep_req(mpcginfo)' is called conditionally from function 'ctcmpc_unpack_skb'. It frees passed mpcginfo. After that a call to function 'kfree' in function 'ctcmpc_unpack_skb' frees it again.

Remove 'kfree' call in function 'mpc_rcvd_sweep_req(mpcginfo)'.

Bug detected by the clang static analyzer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux467ddbbe7e749d558f13e640f50f546149c930b3 < 06f1dd1de0d33dbfbd2e1fc9fc57d8895f730de2affected
LinuxLinux4d3c6d741816539b57fa1110c3f765a8c176d7b4 < 6bf8ccaabce8cebb6cb1f255c93d0acdfe95c17aaffected
LinuxLinux2bd57101c3ecf3f8c0da1d26c2b6ad511adc6d50 < 7616e2eee679746d526c7f5befd4eedb995935b5affected
LinuxLinux0c0b20587b9f25a2ad14db7f80ebe49bdf29920a < 43096dab8cc60fc39133205fd149a54d3acebea8affected
LinuxLinux0c0b20587b9f25a2ad14db7f80ebe49bdf29920a < 3b177b2ded563df16f6d5920671ffcfe5915d472affected
LinuxLinux0c0b20587b9f25a2ad14db7f80ebe49bdf29920a < b9dbfb1b5699f9f1e4991f96741bdf9047147589affected
LinuxLinux0c0b20587b9f25a2ad14db7f80ebe49bdf29920a < 7ff76f8dc6b550f8d16487bf3cebc278be720b5caffected
LinuxLinux0c0b20587b9f25a2ad14db7f80ebe49bdf29920a < da02a1824884d6c84c5e5b5ac373b0c9e3288ec2affected
LinuxLinux36933de59f67029e5739a98393891f9b94f27e0faffected
LinuxLinuxd886b4292a1c5b4facdb2dfdc31f0fecc71df898affected
LinuxLinux4c9ba0fed125deba8416b995b0c274b0804c0c24affected
LinuxLinuxea0053af5dab4d63a9c44563973fb2f3bfd9eb2baffected
LinuxLinux5.4.195 < 5.4.302affected
LinuxLinux5.10.117 < 5.10.247affected
LinuxLinux5.15.41 < 5.15.197affected
LinuxLinux4.9.315 < 4.10affected
LinuxLinux4.14.280 < 4.15affected
LinuxLinux4.19.244 < 4.20affected
LinuxLinux5.17.9 < 5.18affected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux5.4.302 <= 5.4.*unaffected
LinuxLinux5.10.247 <= 5.10.*unaffected
LinuxLinux5.15.197 <= 5.15.*unaffected
LinuxLinux6.1.159 <= 6.1.*unaffected
LinuxLinux6.6.118 <= 6.6.*unaffected
LinuxLinux6.12.60 <= 6.12.*unaffected
LinuxLinux6.17.10 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References