Description

In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pkt_to_bmc() call site.  This may lead to dereferencing a NULL pointer when processing a workaround for specific packet, as commit bc0c3405abbb ("be2net: fix a Tx stall bug caused by a specific ipv6 packet") states. The correct way would be to pass the wrb_params from be_xmit().

INFO

Published Date :

2025-12-04T16:08:24.028Z

Last Modified :

2025-12-06T21:39:07.176Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-40264 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-40264.

URL Resource
https://git.kernel.org/stable/c/012ee5882b1830db469194466a210768ed207388 cve-icon cve-icon
https://git.kernel.org/stable/c/1ecd86ec6efddb59a10c927e8e679f183bb9113e cve-icon cve-icon
https://git.kernel.org/stable/c/48d59b60dd5d7e4c48c077a2008c9dcd7b59bdfe cve-icon cve-icon
https://git.kernel.org/stable/c/4c4741f6e7f2fa4e1486cb61e1c15b9236ec134d cve-icon cve-icon
https://git.kernel.org/stable/c/630360c6724e27f1aa494ba3fffe1e38c4205284 cve-icon cve-icon
https://git.kernel.org/stable/c/7d277a7a58578dd62fd546ddaef459ec24ccae36 cve-icon cve-icon
https://git.kernel.org/stable/c/ce0a3699244aca3acb659f143c9cb1327b210f89 cve-icon cve-icon
https://git.kernel.org/stable/c/f499dfa5c98e92e72dd454eb95a1000a448f3405 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025120435-CVE-2025-40264-4001@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-40264 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-40264 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact