CVE-2025-40164 — Improper Synchronization in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 99.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 12
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
usbnet: Fix using smp_processor_id() in preemptible code warnings
Syzbot reported the following warning:
BUG: using smp_processor_id() in preemptible [00000000] code: dhcpcd/2879
caller is usbnet_skb_return+0x74/0x490 drivers/net/usb/usbnet.c:331
CPU: 1 UID: 0 PID: 2879 Comm: dhcpcd Not tainted 6.15.0-rc4-syzkaller-00098-g615dca38c2ea #0 PREEMPT(voluntary)
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6