CVE-2025-40052

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the SMB client related to cryptographic buffers in non-linear memory. The crypto API, specifically through the scatterlist API, requires input buffers to be in linear memory. The issue arises when allocating an AEAD request buffer using kvzalloc(), which can place the buffer in vmalloc space. This can lead to a kernel bug when handling tasks with stacks in vmalloc areas, potentially triggered by numerous parallel read and write operations on an encrypted mount. The root cause is the use of vmalloc'd memory with the scatterlist API, which expects linear memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-670CWE-416

Related Identifiers

AZL-68846

BDU:2025-13618

CVE-2025-40052

MGASA-2025-0309

MGASA-2025-0310

OPENSUSE-SU-2025:15702-1

OPENSUSE-SU-2025:20091-1

OPENSUSE-SU-2026:10301-1

SUSE-SU-2025:21040-1

SUSE-SU-2025:21052-1

SUSE-SU-2025:21056-1

SUSE-SU-2025:21064-1

SUSE-SU-2025:21080-1

SUSE-SU-2025:21147-1

SUSE-SU-2025:21180-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4128-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4140-1

SUSE-SU-2025:4141-1

SUSE-SU-2025:4301-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2025-40052

Weakness Enumeration

Related Identifiers

Affected Products

References · 2785