CVE-2025-40071

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the tty subsystem, specifically in the n gsm component. The issue arises from the potential to block the input queue while waiting for a Modem Status Command (MSC) response. This occurs when opening a Data Link Connection Identifier (DLC) channel, where gsm queue() processes incoming frames and gsm dlci open() calls gsm modem update(). In basic mode, gsm modem upd via msc() attempts to send an MSC without waiting for a response, potentially leading to a blockage of the input queue. The resolution involves defining a new function, gsm modem send initial msc(), to handle sending the MSC without blocking. This issue only affects basic encoding and does not impact advanced encoding or convergence layer type 2.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.