CVE-2025-40028Linux vulnerability

12 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 92.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 28
Latest updateDec 11

Description

In the Linux kernel, the following vulnerability has been resolved: binder: fix double-free in dbitmap A process might fail to allocate a new bitmap when trying to expand its proc->dmap. In that case, dbitmap_grow() fails and frees the old bitmap via dbitmap_free(). However, the driver calls dbitmap_free() again when the same process terminates, leading to a double-free error: BUG: KASAN: double-free in binder_proc_dec_tmpref+0x2e0/0x55c Free of addr ffff00000b7c1420 by task kworker/9:1/209

Affected Packages5 packages

Linuxlinux/linux_kernel6.11.06.12.52+2
Debianlinux/linux_kernel< 6.12.57-1+1
Ubuntulinux/linux_kernel< 6.17.0-7.7
CVEListV5linux/linux15d9da3f818cae676f822a04407d3c17b53357d2c301ec61ce6f16e21a36b99225ca8a20c1591e10+4
debiandebian/linux< linux 6.17.6-1 (forky)

🔴Vulnerability Details

6
OSV
linux-raspi vulnerabilities2025-12-11
OSV
linux-gcp vulnerabilities2025-12-05
OSV
linux, linux-aws, linux-realtime vulnerabilities2025-12-03
OSV
binder: fix double-free in dbitmap2025-10-28
OSV
CVE-2025-40028: In the Linux kernel, the following vulnerability has been resolved: binder: fix double-free in dbitmap A process might fail to allocate a new bitmap w2025-10-28

📋Vendor Advisories

5
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-12-11
Ubuntu
Linux kernel (GCP) vulnerabilities2025-12-05
Ubuntu
Linux kernel vulnerabilities2025-12-03
Red Hat
kernel: binder: fix double-free in dbitmap2025-10-28
Debian
CVE-2025-40028: linux - In the Linux kernel, the following vulnerability has been resolved: binder: fix...2025