-

CVE-2025-40264

EPSS 0.03%
Veröffentlicht 04.12.2025 16:16:20
Zuletzt bearbeitet 06.12.2025 22:15:54
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

be2net: pass wrb_params in case of OS2BMC

be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL
at be_send_pkt_to_bmc() call site.  This may lead to dereferencing a NULL
pointer when processing a workaround for specific packet, as commit
bc0c3405abbb ("be2net: fix a Tx stall bug caused by a specific ipv6
packet") states.

The correct way would be to pass the wrb_params from be_xmit().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 48d59b60dd5d7e4c48c077a2008c9dcd7b59bdfe

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

Version < f499dfa5c98e92e72dd454eb95a1000a448f3405

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

Version < 630360c6724e27f1aa494ba3fffe1e38c4205284

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

Version < 012ee5882b1830db469194466a210768ed207388

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

Version < ce0a3699244aca3acb659f143c9cb1327b210f89

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

Version < 1ecd86ec6efddb59a10c927e8e679f183bb9113e

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

Version < 4c4741f6e7f2fa4e1486cb61e1c15b9236ec134d

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

Version < 7d277a7a58578dd62fd546ddaef459ec24ccae36

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.2

Status affected

Version < 4.2

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.302

Status unaffected

Version <= 5.10.*

Version 5.10.247

Status unaffected

Version <= 5.15.*

Version 5.15.197

Status unaffected

Version <= 6.1.*

Version 6.1.159

Status unaffected

Version <= 6.6.*

Version 6.6.118

Status unaffected

Version <= 6.12.*

Version 6.12.60

Status unaffected

Version <= 6.17.*

Version 6.17.10

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.087

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/1ecd86ec6efddb59a10c927e8e679f183bb9113e

https://git.kernel.org/stable/c/48d59b60dd5d7e4c48c077a2008c9dcd7b59bdfe

https://git.kernel.org/stable/c/4c4741f6e7f2fa4e1486cb61e1c15b9236ec134d

https://git.kernel.org/stable/c/7d277a7a58578dd62fd546ddaef459ec24ccae36

https://git.kernel.org/stable/c/ce0a3699244aca3acb659f143c9cb1327b210f89

https://git.kernel.org/stable/c/012ee5882b1830db469194466a210768ed207388

https://git.kernel.org/stable/c/630360c6724e27f1aa494ba3fffe1e38c4205284

https://git.kernel.org/stable/c/f499dfa5c98e92e72dd454eb95a1000a448f3405

https://nvd.nist.gov/vuln/detail/CVE-2025-40264

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40264

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40264

EUVD