CVE-2025-40336 — Linux vulnerability

17 documents8 sources

Severity

7.0HIGH

No vector

EPSS

0.0%

top 89.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedDec 9

Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: drm/gpusvm: fix hmm_pfn_to_map_order() usage Handle the case where the hmm range partially covers a huge page (like 2M), otherwise we can potentially end up doing something nasty like mapping memory which is outside the range, and maybe not even mapped by the mm. Fix is based on the xe userptr code, which in a future patch will directly use gpusvm, so needs alignment here. v2: - Add kernel-doc (Matt B) - s/fls/ilog2/ (Thomas)

Affected Packages6 packages

▶Linuxlinux/linux_kernel6.15.0 — 6.17.8

▶Debianlinux/linux_kernel< 6.17.8-1

▶Ubuntulinux/linux_kernel< 6.17.0-14.14

▶msrcmsrc/azl3_kernel_6.6.117.1-1_on_azure_linux_3.0

▶CVEListV5linux/linux99624bdff8670795b678eafa6509aaad3a5c0175 — 08e9fd78ba1b9e95141181c69cc51795c9888157+2

🔴Vulnerability Details

OSV

linux-azure vulnerabilities↗2026-02-24

▶

OSV

linux-oem-6.17 vulnerabilities↗2026-02-17

▶

OSV

linux-aws, linux-oracle vulnerabilities↗2026-02-17

▶

OSV

linux-gcp vulnerabilities↗2026-02-12

▶

OSV

linux, linux-raspi, linux-realtime vulnerabilities↗2026-02-12

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2026-02-17

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-02-12

▶

Ubuntu

Linux kernel vulnerabilities↗2026-02-12

▶

Microsoft

drm/gpusvm: fix hmm_pfn_to_map_order() usage↗2025-12-09

▶

🕵️Threat Intelligence

Wiz

CVE-2025-40336 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶