CVE-2025-40330Linux vulnerability

17 documents8 sources
Severity
5.2MEDIUM
No vector
EPSS
0.0%
top 89.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LinuxLinux KernelDebian Linux+3 more
Timeline
PublishedDec 9
Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Shutdown FW DMA in bnxt_shutdown() The netif_close() call in bnxt_shutdown() only stops packet DMA. There may be FW DMA for trace logging (recently added) that will continue. If we kexec to a new kernel, the DMA will corrupt memory in the new kernel. Add bnxt_hwrm_func_drv_unrgtr() to unregister the driver from the FW. This will stop the FW DMA. In case the call fails, call pcie_flr() to reset the function and stop t

Affected Packages8 packages

Linuxlinux/linux_kernel6.13.06.17.8
Debianlinux/linux_kernel< 6.17.8-1
Ubuntulinux/linux_kernel< 6.17.0-14.14
CVEListV5linux/linux24d694aec139e9e0a31c60993db79bd8ad575afe1a8a15c3f71d1199d510ccba4bc201cbd2204048+2
debiandebian/linux< linux 6.17.8-1 (forky)

🔴Vulnerability Details

8
OSV
linux-azure vulnerabilities2026-02-24
OSV
linux-oem-6.17 vulnerabilities2026-02-17
OSV
linux-aws, linux-oracle vulnerabilities2026-02-17
OSV
linux-gcp vulnerabilities2026-02-12
OSV
linux, linux-raspi, linux-realtime vulnerabilities2026-02-12

📋Vendor Advisories

7
Ubuntu
Linux kernel (Azure) vulnerabilities2026-02-24
Ubuntu
Linux kernel (OEM) vulnerabilities2026-02-17
Ubuntu
Linux kernel (GCP) vulnerabilities2026-02-12
Ubuntu
Linux kernel vulnerabilities2026-02-12
Red Hat
kernel: bnxt_en: Shutdown FW DMA in bnxt_shutdown()2025-12-09

🕵️Threat Intelligence

1
Wiz
CVE-2025-40330 Impact, Exploitability, and Mitigation Steps | Wiz