-

CVE-2025-40264

EPSS 0.06%
Veröffentlicht 04.12.2025 16:16:20
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

be2net: pass wrb_params in case of OS2BMC

In the Linux kernel, the following vulnerability has been resolved:

be2net: pass wrb_params in case of OS2BMC

be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL
at be_send_pkt_to_bmc() call site.  This may lead to dereferencing a NULL
pointer when processing a workaround for specific packet, as commit
bc0c3405abbb ("be2net: fix a Tx stall bug caused by a specific ipv6
packet") states.

The correct way would be to pass the wrb_params from be_xmit().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 12

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < 48d59b60dd5d7e4c48c077a2008c9dcd7b59bdfe

Status affected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < f499dfa5c98e92e72dd454eb95a1000a448f3405

Status affected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < 630360c6724e27f1aa494ba3fffe1e38c4205284

Status affected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < 012ee5882b1830db469194466a210768ed207388

Status affected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < ce0a3699244aca3acb659f143c9cb1327b210f89

Status affected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < 1ecd86ec6efddb59a10c927e8e679f183bb9113e

Status affected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < 4c4741f6e7f2fa4e1486cb61e1c15b9236ec134d

Status affected

Version 760c295e0e8d982917d004c9095cff61c0cbd803

Version < 7d277a7a58578dd62fd546ddaef459ec24ccae36

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.2

Status affected

Version 0

Version < 4.2

Status unaffected

Version <= 5.4.*

Version 5.4.302

Status unaffected

Version <= 5.10.*

Version 5.10.247

Status unaffected

Version <= 5.15.*

Version 5.15.197

Status unaffected

Version <= 6.1.*

Version 6.1.159

Status unaffected

Version <= 6.6.*

Version 6.6.118

Status unaffected

Version <= 6.12.*

Version 6.12.60

Status unaffected

Version <= 6.17.*

Version 6.17.10

Status unaffected

Version <= *

Version 6.18

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.181

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/1ecd86ec6efddb59a10c927e8e679f183bb9113e

https://git.kernel.org/stable/c/48d59b60dd5d7e4c48c077a2008c9dcd7b59bdfe

https://git.kernel.org/stable/c/4c4741f6e7f2fa4e1486cb61e1c15b9236ec134d

https://git.kernel.org/stable/c/7d277a7a58578dd62fd546ddaef459ec24ccae36

https://git.kernel.org/stable/c/ce0a3699244aca3acb659f143c9cb1327b210f89

https://git.kernel.org/stable/c/012ee5882b1830db469194466a210768ed207388

https://git.kernel.org/stable/c/630360c6724e27f1aa494ba3fffe1e38c4205284

https://git.kernel.org/stable/c/f499dfa5c98e92e72dd454eb95a1000a448f3405

https://nvd.nist.gov/vuln/detail/CVE-2025-40264

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40264

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40264

EUVD