CVE-2025-40086Expired Pointer Dereference in Linux

CWE-825Expired Pointer Dereference15 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 30
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects (BOs) within the same VM under certain conditions, which may lead to NULL pointer dereferences later in the bind pipeline. To prevent this, clear the allow_res_evict flag in the xe_bo_validate call. v2: - Invert polarity of no_res_evict (Thomas) - Add comment in code explaining issue (Thomas) (c

Affected Packages5 packages

Linuxlinux/linux_kernel6.8.06.17.5
Debianlinux/linux_kernel< 6.17.6-1
Ubuntulinux/linux_kernel< 6.17.0-14.14
CVEListV5linux/linuxdd08ebf6c3525a7ea2186e636df064ea472819875aa0ab0ba7d94549cfe17d6ef7a4f33ba1de8384+2
debiandebian/linux< linux 6.17.6-1 (forky)

🔴Vulnerability Details

8
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-oem-6.17 vulnerabilities2026-02-17
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux-gcp vulnerabilities2026-02-12
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12

📋Vendor Advisories

6
Ubuntu
Linux kernel (Azure) vulnerabilities2026-02-24
Ubuntu
Linux kernel (OEM) vulnerabilities2026-02-17
Ubuntu
Linux kernel (GCP) vulnerabilities2026-02-12
Ubuntu
Linux kernel vulnerabilities2026-02-12
Red Hat
kernel: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds2025-10-30