CVE-2025-40117 — Linux vulnerability

15 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 94.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedNov 12

Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl() Commit eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case") added NO_BAR (-1) to the pci_barno enum which, in practical terms, changes the enum from an unsigned int to a signed int. If the user passes a negative number in pci_endpoint_test_ioctl() then it results in an array underflow in pci_endpoint_test_bar().

Affected Packages4 packages

▶Linuxlinux/linux_kernel6.17.0 — 6.17.3

▶Ubuntulinux/linux_kernel< 6.17.0-14.14

▶CVEListV5linux/linuxeefb83790a0dda112d1755e4f5e213738d717e76 — 6df3687922570f753574c40b35e83b26b32292d0+2

▶debiandebian/linux

🔴Vulnerability Details

OSV

linux-azure vulnerabilities↗2026-02-24

▶

OSV

linux-oem-6.17 vulnerabilities↗2026-02-17

▶

OSV

linux-aws, linux-oracle vulnerabilities↗2026-02-17

▶

OSV

linux-gcp vulnerabilities↗2026-02-12

▶

OSV

linux, linux-raspi, linux-realtime vulnerabilities↗2026-02-12

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2026-02-17

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-02-12

▶

Ubuntu

Linux kernel vulnerabilities↗2026-02-12

▶

Red Hat

kernel: misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()↗2025-11-12

▶