CVE-2025-40124Linux vulnerability

54 documents6 sources
Severity
7.8HIGHOSV
OSV5.5OSV3.2
No vector
EPSS
0.1%
top 82.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedNov 12
Latest updateApr 13

Description

In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Anthony Yznaga tracked down that a BUG_ON in ext4 code with large folios enabled resulted from copy_from_user() returning impossibly large values greater than the size to be copied. This lead to __copy_from_iter() returning impossible values instead of the actual number of bytes it was able to copy. The BUG_ON has been reported in https://lore.k

Affected Packages6 packages

Linuxlinux/linux_kernel4.9.05.4.301+6
Debianlinux/linux_kernel< 6.1.158-1+2
Ubuntulinux/linux_kernel< 5.15.0-170.180+2
CVEListV5linux/linuxee841d0aff649164080e445e84885015958d8ff4fdd43fe6d286f27b826572457a89c926f97e2d3a+10
debiandebian/linux< linux 6.1.158-1 (bookworm)

🔴Vulnerability Details

27
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-raspi, linux-raspi-realtime vulnerabilities2026-04-01
OSV
linux-azure-6.8 vulnerabilities2026-03-25
OSV
linux-azure vulnerabilities2026-03-25
OSV
linux-aws-6.8 vulnerabilities2026-03-23

📋Vendor Advisories

26
Ubuntu
Linux kernel (Azure) vulnerabilities2026-04-13
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-04-09
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2026-04-09
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2026-04-01
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2026-04-01