PT-2025-44095 · Linux · Linux Kernel

Published

2025-09-15

Updated

2026-03-13

CVE-2025-40028

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc6-dirty

Description The Linux kernel contains a flaw in the binder subsystem related to bitmap handling. A process attempting to expand its proc->dmap may experience a double-free error when a bitmap allocation fails. This occurs because dbitmap free() is called twice for the same bitmap, once during the allocation failure in dbitmap grow() and again when the process terminates. This can lead to system instability. The issue is triggered within the binder proc dec tmpref function.

Recommendations Update to a version newer than 6.17.0-rc6-dirty.

Exploit

Fix

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

BDU:2025-13784

CVE-2025-40028

OPENSUSE-SU-2025:15702-1

OPENSUSE-SU-2026:10301-1

USN-7906-1

USN-7906-2

USN-7906-3

Affected Products

Linux Kernel

PT-2025-44095 · Linux · Linux Kernel

CVE-2025-40028

Weakness Enumeration

Related Identifiers

Affected Products

References · 233