CVE-2025-40274Linux vulnerability

15 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 90.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 6
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guest_memfd instance, remove the bindings even if the guest_memfd file is dying, i.e. even if its file refcount has gone to zero. If the memslot is freed before the file is fully released, nullifying the memslot side of the binding in kvm_gmem_release() will write to freed memory, as detected by syzbot+KASAN: BUG: KASAN: s

Affected Packages5 packages

Linuxlinux/linux_kernel6.8.06.12.59+1
Debianlinux/linux_kernel< 6.12.63-1+1
Ubuntulinux/linux_kernel< 6.17.0-14.14
CVEListV5linux/linuxa7800aa80ea4d5356b8474c2302812e9d4926fa6a8ac2bd0f98e1a230f1eb3260fa552bf2ef1753b+3
debiandebian/linux< linux 6.17.9-1 (forky)

🔴Vulnerability Details

8
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-oem-6.17 vulnerabilities2026-02-17
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux-gcp vulnerabilities2026-02-12
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12

📋Vendor Advisories

6
Ubuntu
Linux kernel (Azure) vulnerabilities2026-02-24
Ubuntu
Linux kernel (OEM) vulnerabilities2026-02-17
Ubuntu
Linux kernel (GCP) vulnerabilities2026-02-12
Ubuntu
Linux kernel vulnerabilities2026-02-12
Red Hat
kernel: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying2025-12-06