Description

In the Linux kernel, the following vulnerability has been resolved: ipmi: Rework user message limit handling The limit on the number of user messages had a number of issues, improper counting in some cases and a use after free. Restructure how this is all done to handle more in the receive message allocation routine, so all refcouting and user message limit counts are done in that routine. It's a lot cleaner and safer.

INFO

Published Date :

2025-11-12T21:56:34.527Z

Last Modified :

2025-12-01T06:20:05.043Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-40202 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-40202.

URL Resource
https://git.kernel.org/stable/c/0ed73be9a2547ffb9b5c1d879ad9bfab73d920b5 cve-icon cve-icon
https://git.kernel.org/stable/c/348121b29594d42d1635648fd3ed31dfa25351d5 cve-icon cve-icon
https://git.kernel.org/stable/c/53d6e403affbf6df2c859a0ea00ccfc1e72090ca cve-icon cve-icon
https://git.kernel.org/stable/c/b52da4054ee0bf9ecb44996f2c83236ff50b3812 cve-icon cve-icon
https://git.kernel.org/stable/c/f63723ca7d7623f9dae1990973cd158671f03c56 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025111246-CVE-2025-40202-f5ad@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-40202 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-40202 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact