-
CVE-2025-40124
- EPSS 0.08%
- Veröffentlicht 12.11.2025 10:23:19
- Zuletzt bearbeitet 12.11.2025 16:19:12
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved:
sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
Anthony Yznaga tracked down that a BUG_ON in ext4 code with large folios
enabled resulted from copy_from_user() returning impossibly large values
greater than the size to be copied. This lead to __copy_from_iter()
returning impossible values instead of the actual number of bytes it was
able to copy.
The BUG_ON has been reported in
https://lore.kernel.org/r/b14f55642207e63e907965e209f6323a0df6dcee.camel@physik.fu-berlin.de
The referenced commit introduced exception handlers on user-space memory
references in copy_from_user and copy_to_user. These handlers return from
the respective function and calculate the remaining bytes left to copy
using the current register contents. The exception handlers expect that
%o2 has already been masked during the bulk copy loop, but the masking was
performed after that loop. This will fix the return value of copy_from_user
and copy_to_user in the faulting case. The behaviour of memcpy stays
unchanged.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
fdd43fe6d286f27b826572457a89c926f97e2d3a
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version <
1198077606aeffb102587c6ea079ce99641c99d4
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version <
1857cdca12c4aff58bf26a7005a4d02850c29927
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version <
91eda032eb16e5d2be27c95584665bc555bb5a90
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version <
dc766c4830a7e1e1ee9d7f77d4ab344f2eb23c8e
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version <
5ef9c94d7110e90260c06868cf1dcf899b9f25ee
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version <
e50377c6b3f278c9f3ef017ffce17f5fcc9dace4
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version <
47b49c06eb62504075f0f2e2227aee2e2c2a58b3
Version
ee841d0aff649164080e445e84885015958d8ff4
Status
affected
Version
1c7e17b1c4d60cc5aa575460f7efb73686dd3b39
Status
affected
Version
ac663c54f40b2830b1ca32d1ae9d683fe248b14c
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
4.9
Status
affected
Version <
4.9
Version
0
Status
unaffected
Version <=
5.4.*
Version
5.4.301
Status
unaffected
Version <=
5.10.*
Version
5.10.246
Status
unaffected
Version <=
5.15.*
Version
5.15.195
Status
unaffected
Version <=
6.1.*
Version
6.1.156
Status
unaffected
Version <=
6.6.*
Version
6.6.112
Status
unaffected
Version <=
6.12.*
Version
6.12.53
Status
unaffected
Version <=
6.17.*
Version
6.17.3
Status
unaffected
Version <=
*
Version
6.18
Status
unaffected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.243 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|