Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value [U32_MAX - sizeof(struct ffa_composite_mem_region) + 1, U32_MAX] is set from the host kernel.

INFO

Published Date :

2025-12-04T16:08:25.392Z

Last Modified :

2025-12-20T08:51:50.089Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-40266 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-40266.

URL Resource
https://git.kernel.org/stable/c/103e17aac09cdd358133f9e00998b75d6c1f1518 cve-icon cve-icon
https://git.kernel.org/stable/c/bc1909ef38788f2ee3d8011d70bf029948433051 cve-icon cve-icon
https://git.kernel.org/stable/c/f9f1aed6c8a3427900da3121e1868124854569c3 cve-icon cve-icon
https://git.kernel.org/stable/c/fc3139d9f4c1fe1c7d5f25f99676bd8e9c6a1041 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025120435-CVE-2025-40266-30a1@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-40266 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-40266 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System