CVE-2025-40036

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s fastrpc implementation that could lead to a map leak. A failure within the copy to user() function could result in an early return without properly releasing allocated resources, specifically within the fdlist, which is updated by the DSP. This improper cleanup could result in mapped buffers not being released. The issue is addressed by redirecting to a cleanup path upon failure, ensuring all mapped buffers are released before returning.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2026-02701

CVE-2025-40036

DLA-4379-1

DSA-6053-1

ECHO-8410-E410-6D12

MGASA-2025-0309

MGASA-2025-0310

OPENSUSE-SU-2025:15702-1

OPENSUSE-SU-2025:20091-1

OPENSUSE-SU-2026:10301-1

SUSE-SU-2025:21040-1

SUSE-SU-2025:21052-1

SUSE-SU-2025:21056-1

SUSE-SU-2025:21064-1

SUSE-SU-2025:21080-1

SUSE-SU-2025:21147-1

SUSE-SU-2025:21180-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4128-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4140-1

SUSE-SU-2025:4141-1

SUSE-SU-2025:4301-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2025-40036

Weakness Enumeration

Related Identifiers

Affected Products

References · 2790