CVE-2025-40107Linux vulnerability

24 documents7 sources
Severity
3.2LOWOSV
No vector
EPSS
0.0%
top 87.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
LinuxLinux KernelDebian Linux+2 more
Timeline
PublishedNov 3
Latest updateApr 9

Description

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the `mcp251x` driver, which was fixed in commit 03c427147b2d ("can: mcp251x: fix resume from sleep before interface was brought up"). In the `hi311x` driver, when the device resumes from sleep, the driver schedules `priv->restart_work`. However, if the network interface was not previous

Affected Packages7 packages

Linuxlinux/linux_kernel4.12.06.1.156+3
Debianlinux/linux_kernel< 6.1.158-1+2
Ubuntulinux/linux_kernel< 6.8.0-106.106
CVEListV5linux/linux57e83fb9b7468c75cb65cde1d23043553c346c6dd1fc4c041459e2d4856c1b2501486ba4f0cbf96b+5

🔴Vulnerability Details

11
OSV
linux-raspi, linux-raspi-realtime vulnerabilities2026-04-01
OSV
linux-azure-6.8 vulnerabilities2026-03-25
OSV
linux-azure vulnerabilities2026-03-25
OSV
linux-aws-6.8 vulnerabilities2026-03-23
OSV
linux-realtime, linux-realtime-6.8 vulnerabilities2026-03-17

📋Vendor Advisories

12
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-04-09
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2026-04-01
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-25
Ubuntu
Linux kernel (Azure) vulnerabilities2026-03-25
Ubuntu
Linux kernel (AWS) vulnerabilities2026-03-23
CVE-2025-40107 — Linux vulnerability | cvebase