-

CVE-2025-40020

EPSS 0.05%
Veröffentlicht 24.10.2025 12:24:56
Zuletzt bearbeitet 27.10.2025 13:20:15
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

can: peak_usb: fix shift-out-of-bounds issue

Explicitly uses a 64-bit constant when the number of bits used for its
shifting is 32 (which is the case for PC CAN FD interfaces supported by
this driver).

[mkl: update subject, apply manually]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 572c656802781cc57f4a3231eefa83547e75ed78

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

Version < 61b1dd4c614935169d12bdecc26906e37b508618

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

Version < 48822a59ecc47d353400d38b1941d3ae7591ffff

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

Version < 176c81cbf9c4e348610a421aad800087c0401f60

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

Version < 17edec1830e48c0becd61642d0e40bc753243b16

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

Version < eb79ed970670344380e77d62f8188e8015648d94

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

Version < 394c58017e5f41043584c345106cae16a4613710

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

Version < c443be70aaee42c2d1d251e0329e0a69dd96ae54

Version bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 3.4

Status affected

Version < 3.4

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.300

Status unaffected

Version <= 5.10.*

Version 5.10.245

Status unaffected

Version <= 5.15.*

Version 5.15.194

Status unaffected

Version <= 6.1.*

Version 6.1.155

Status unaffected

Version <= 6.6.*

Version 6.6.109

Status unaffected

Version <= 6.12.*

Version 6.12.50

Status unaffected

Version <= 6.16.*

Version 6.16.10

Status unaffected

Version <= *

Version 6.17

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.159

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/572c656802781cc57f4a3231eefa83547e75ed78

https://git.kernel.org/stable/c/61b1dd4c614935169d12bdecc26906e37b508618

https://git.kernel.org/stable/c/48822a59ecc47d353400d38b1941d3ae7591ffff

https://git.kernel.org/stable/c/176c81cbf9c4e348610a421aad800087c0401f60

https://git.kernel.org/stable/c/17edec1830e48c0becd61642d0e40bc753243b16

https://git.kernel.org/stable/c/eb79ed970670344380e77d62f8188e8015648d94

https://git.kernel.org/stable/c/394c58017e5f41043584c345106cae16a4613710

https://git.kernel.org/stable/c/c443be70aaee42c2d1d251e0329e0a69dd96ae54

https://nvd.nist.gov/vuln/detail/CVE-2025-40020

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40020

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40020

EUVD