CVE-2025-40348NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 16

Description

In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts If two competing threads enter alloc_slab_obj_exts() and one of them fails to allocate the object extension vector, it might override the valid slab->obj_exts allocated by the other thread with OBJEXTS_ALLOC_FAIL. This will cause the thread that lost this race and expects a valid pointer to dereference a NULL pointer later on. Update slab->obj_exts atomically using cmp

Affected Packages3 packages

Linuxlinux/linux_kernel6.12.546.12.56+1
CVEListV5linux/linux715b6a5b41dae39baeaa40d3386b548bb278b9c2c7af5300d78460fc5037ddc77113ba3dbfe77dc0+4
debiandebian/linux

🔴Vulnerability Details

3
OSV
CVE-2025-40348: In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts If two competing threads2025-12-16
GHSA
GHSA-468j-fmh4-69r9: In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts If two competing threa2025-12-16
OSV
slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts2025-12-16

📋Vendor Advisories

2
Red Hat
kernel: slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts2025-12-16
Debian
CVE-2025-40348: linux - In the Linux kernel, the following vulnerability has been resolved: slab: Avoid...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-40348 Impact, Exploitability, and Mitigation Steps | Wiz