CVE-2025-40177Linux vulnerability

15 documents6 sources
Severity
5.5MEDIUMOSV
No vector
EPSS
0.0%
top 94.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedNov 12
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to queuing the buffers. We currently initialize some of the resources after queuing the buffers which creates a race between the probe() and any data that comes back from the device. If the uninitialize

Affected Packages5 packages

Linuxlinux/linux_kernel6.10.06.12.55+1
Debianlinux/linux_kernel< 6.12.57-1+1
Ubuntulinux/linux_kernel< 6.17.0-14.14
CVEListV5linux/linux5f8df5c6def641c164ed1b673d47a41fdd0013f8646868e6962b14e25ae7462fdd1fb061b40c1f16+3
debiandebian/linux< linux 6.17.6-1 (forky)

🔴Vulnerability Details

8
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux-gcp vulnerabilities2026-02-12
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12
OSV
linux-oem-6.14 vulnerabilities2025-12-15

📋Vendor Advisories

6
Ubuntu
Linux kernel (Azure) vulnerabilities2026-02-24
Ubuntu
Linux kernel (GCP) vulnerabilities2026-02-12
Ubuntu
Linux kernel vulnerabilities2026-02-12
Ubuntu
Linux kernel (OEM) vulnerabilities2025-12-15
Red Hat
kernel: accel/qaic: Fix bootlog initialization ordering2025-11-12