-

CVE-2025-40020

EPSS 0.06%
Veröffentlicht 24.10.2025 12:24:56
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

can: peak_usb: fix shift-out-of-bounds issue

In the Linux kernel, the following vulnerability has been resolved:

can: peak_usb: fix shift-out-of-bounds issue

Explicitly uses a 64-bit constant when the number of bits used for its
shifting is 32 (which is the case for PC CAN FD interfaces supported by
this driver).

[mkl: update subject, apply manually]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 13

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < 572c656802781cc57f4a3231eefa83547e75ed78

Status affected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < 61b1dd4c614935169d12bdecc26906e37b508618

Status affected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < 48822a59ecc47d353400d38b1941d3ae7591ffff

Status affected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < 176c81cbf9c4e348610a421aad800087c0401f60

Status affected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < 17edec1830e48c0becd61642d0e40bc753243b16

Status affected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < eb79ed970670344380e77d62f8188e8015648d94

Status affected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < 394c58017e5f41043584c345106cae16a4613710

Status affected

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Version < c443be70aaee42c2d1d251e0329e0a69dd96ae54

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.4

Status affected

Version 0

Version < 3.4

Status unaffected

Version <= 5.4.*

Version 5.4.300

Status unaffected

Version <= 5.10.*

Version 5.10.245

Status unaffected

Version <= 5.15.*

Version 5.15.194

Status unaffected

Version <= 6.1.*

Version 6.1.155

Status unaffected

Version <= 6.6.*

Version 6.6.109

Status unaffected

Version <= 6.12.*

Version 6.12.50

Status unaffected

Version <= 6.16.*

Version 6.16.10

Status unaffected

Version <= *

Version 6.17

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.181

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/572c656802781cc57f4a3231eefa83547e75ed78

https://git.kernel.org/stable/c/61b1dd4c614935169d12bdecc26906e37b508618

https://git.kernel.org/stable/c/48822a59ecc47d353400d38b1941d3ae7591ffff

https://git.kernel.org/stable/c/176c81cbf9c4e348610a421aad800087c0401f60

https://git.kernel.org/stable/c/17edec1830e48c0becd61642d0e40bc753243b16

https://git.kernel.org/stable/c/eb79ed970670344380e77d62f8188e8015648d94

https://git.kernel.org/stable/c/394c58017e5f41043584c345106cae16a4613710

https://git.kernel.org/stable/c/c443be70aaee42c2d1d251e0329e0a69dd96ae54

https://nvd.nist.gov/vuln/detail/CVE-2025-40020

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40020

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40020

EUVD