CVE-2025-40124

CVSS v2.0

5.2

Medium

Vector

AV:A/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue was identified in the Linux kernel related to inaccurate exception reporting within the copy from user and copy to user functions for UltraSPARC III architectures. A bug in exception handlers, introduced with new user-space memory reference handling, caused incorrect return values when exceptions occurred during bulk copy operations. Specifically, the masking of registers was performed after the bulk copy loop instead of before, leading to inaccurate calculations of remaining bytes to copy. This issue stemmed from a BUG ON condition in ext4 code with large folios enabled, triggered by copy from user returning impossibly large values. The functions copy from user and copy to user are affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Unchecked Return Value

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252

Related Identifiers

BDU:2025-15347

CVE-2025-40124

DLA-4379-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8033-1

USN-8033-2

USN-8033-3

USN-8033-4

USN-8033-5

USN-8033-6

USN-8033-7

USN-8033-8

USN-8034-1

USN-8034-2

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8141-1

USN-8163-1

USN-8163-2

USN-8165-1

USN-8243-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-40124

Weakness Enumeration

Related Identifiers

Affected Products

References · 1706