-

CVE-2025-40202

EPSS 0.03%
Veröffentlicht 12.11.2025 21:56:34
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

ipmi: Rework user message limit handling

In the Linux kernel, the following vulnerability has been resolved:

ipmi: Rework user message limit handling

The limit on the number of user messages had a number of issues,
improper counting in some cases and a use after free.

Restructure how this is all done to handle more in the receive message
allocation routine, so all refcouting and user message limit counts
are done in that routine.  It's a lot cleaner and safer.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

CNA 2 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 8e76741c3d8b20dfa2d6c30fa10ff927cfd93d82

Version < f63723ca7d7623f9dae1990973cd158671f03c56

Status affected

Version 8e76741c3d8b20dfa2d6c30fa10ff927cfd93d82

Version < 348121b29594d42d1635648fd3ed31dfa25351d5

Status affected

Version 8e76741c3d8b20dfa2d6c30fa10ff927cfd93d82

Version < 53d6e403affbf6df2c859a0ea00ccfc1e72090ca

Status affected

Version 8e76741c3d8b20dfa2d6c30fa10ff927cfd93d82

Version < 0ed73be9a2547ffb9b5c1d879ad9bfab73d920b5

Status affected

Version 8e76741c3d8b20dfa2d6c30fa10ff927cfd93d82

Version < b52da4054ee0bf9ecb44996f2c83236ff50b3812

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.19

Status affected

Version 0

Version < 5.19

Status unaffected

Version <= 6.1.*

Version 6.1.157

Status unaffected

Version <= 6.6.*

Version 6.6.113

Status unaffected

Version <= 6.12.*

Version 6.12.54

Status unaffected

Version <= 6.17.*

Version 6.17.4

Status unaffected

Version <= *

Version 6.18

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.084

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/f63723ca7d7623f9dae1990973cd158671f03c56

https://git.kernel.org/stable/c/348121b29594d42d1635648fd3ed31dfa25351d5

https://git.kernel.org/stable/c/53d6e403affbf6df2c859a0ea00ccfc1e72090ca

https://git.kernel.org/stable/c/0ed73be9a2547ffb9b5c1d879ad9bfab73d920b5

https://git.kernel.org/stable/c/b52da4054ee0bf9ecb44996f2c83236ff50b3812

https://nvd.nist.gov/vuln/detail/CVE-2025-40202

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40202

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40202

EUVD