-

CVE-2025-40253

EPSS 0.03%
Veröffentlicht 04.12.2025 16:16:18
Zuletzt bearbeitet 06.12.2025 22:15:52
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

s390/ctcm: Fix double-kfree

The function 'mpc_rcvd_sweep_req(mpcginfo)' is called conditionally
from function 'ctcmpc_unpack_skb'. It frees passed mpcginfo.
After that a call to function 'kfree' in function 'ctcmpc_unpack_skb'
frees it again.

Remove 'kfree' call in function 'mpc_rcvd_sweep_req(mpcginfo)'.

Bug detected by the clang static analyzer.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 06f1dd1de0d33dbfbd2e1fc9fc57d8895f730de2

Version 467ddbbe7e749d558f13e640f50f546149c930b3

Status affected

Version < 6bf8ccaabce8cebb6cb1f255c93d0acdfe95c17a

Version 4d3c6d741816539b57fa1110c3f765a8c176d7b4

Status affected

Version < 7616e2eee679746d526c7f5befd4eedb995935b5

Version 2bd57101c3ecf3f8c0da1d26c2b6ad511adc6d50

Status affected

Version < 43096dab8cc60fc39133205fd149a54d3acebea8

Version 0c0b20587b9f25a2ad14db7f80ebe49bdf29920a

Status affected

Version < 3b177b2ded563df16f6d5920671ffcfe5915d472

Version 0c0b20587b9f25a2ad14db7f80ebe49bdf29920a

Status affected

Version < b9dbfb1b5699f9f1e4991f96741bdf9047147589

Version 0c0b20587b9f25a2ad14db7f80ebe49bdf29920a

Status affected

Version < 7ff76f8dc6b550f8d16487bf3cebc278be720b5c

Version 0c0b20587b9f25a2ad14db7f80ebe49bdf29920a

Status affected

Version < da02a1824884d6c84c5e5b5ac373b0c9e3288ec2

Version 0c0b20587b9f25a2ad14db7f80ebe49bdf29920a

Status affected

Version 36933de59f67029e5739a98393891f9b94f27e0f

Status affected

Version d886b4292a1c5b4facdb2dfdc31f0fecc71df898

Status affected

Version 4c9ba0fed125deba8416b995b0c274b0804c0c24

Status affected

Version ea0053af5dab4d63a9c44563973fb2f3bfd9eb2b

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.18

Status affected

Version < 5.18

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.302

Status unaffected

Version <= 5.10.*

Version 5.10.247

Status unaffected

Version <= 5.15.*

Version 5.15.197

Status unaffected

Version <= 6.1.*

Version 6.1.159

Status unaffected

Version <= 6.6.*

Version 6.6.118

Status unaffected

Version <= 6.12.*

Version 6.12.60

Status unaffected

Version <= 6.17.*

Version 6.17.10

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.087

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/06f1dd1de0d33dbfbd2e1fc9fc57d8895f730de2

https://git.kernel.org/stable/c/3b177b2ded563df16f6d5920671ffcfe5915d472

https://git.kernel.org/stable/c/7ff76f8dc6b550f8d16487bf3cebc278be720b5c

https://git.kernel.org/stable/c/b9dbfb1b5699f9f1e4991f96741bdf9047147589

https://git.kernel.org/stable/c/da02a1824884d6c84c5e5b5ac373b0c9e3288ec2

https://git.kernel.org/stable/c/43096dab8cc60fc39133205fd149a54d3acebea8

https://git.kernel.org/stable/c/6bf8ccaabce8cebb6cb1f255c93d0acdfe95c17a

https://git.kernel.org/stable/c/7616e2eee679746d526c7f5befd4eedb995935b5

https://nvd.nist.gov/vuln/detail/CVE-2025-40253

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40253

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40253

EUVD