PT-2025-46604 · Linux+2 · Linux Kernel+2

Published

2025-08-11

·

Updated

2026-05-07

·

CVE-2025-40129

CVSS v2.0

5.5

Medium

VectorAV:A/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw exists in the Linux kernel’s sunrpc implementation where a null pointer dereference can occur during checksum processing. Specifically, in the xdr stream decode opaque auth() function, a zero-length checksum can lead to checksum.data being set to NULL. Subsequently, accessing checksum.data within the gss krb5 verify mic v2() function triggers a null pointer dereference.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-15301
CVE-2025-40129
OESA-2025-2765
OESA-2025-2766
OESA-2025-2767
OPENSUSE-SU-2025:20172-1
SUSE-SU-2025:4393-1
SUSE-SU-2025:4422-1
SUSE-SU-2025:4505-1
SUSE-SU-2025:4516-1
SUSE-SU-2025:4517-1
SUSE-SU-2025:4521-1
SUSE-SU-2026:0487-1
SUSE-SU-2026:0489-1
SUSE-SU-2026:0490-1
SUSE-SU-2026:0491-1
SUSE-SU-2026:0543-1
SUSE-SU-2026:0546-1
SUSE-SU-2026:0548-1
SUSE-SU-2026:0550-1
SUSE-SU-2026:0551-1
SUSE-SU-2026:0554-1
SUSE-SU-2026:0555-1
SUSE-SU-2026:0556-1
SUSE-SU-2026:0557-1
SUSE-SU-2026:0560-1
SUSE-SU-2026:0561-1
SUSE-SU-2026:20012-1
SUSE-SU-2026:20015-1
SUSE-SU-2026:20021-1
SUSE-SU-2026:20039-1
SUSE-SU-2026:20059-1
SUSE-SU-2026:20455-1
SUSE-SU-2026:20456-1
SUSE-SU-2026:20457-1
SUSE-SU-2026:20458-1
SUSE-SU-2026:20459-1
SUSE-SU-2026:20460-1
SUSE-SU-2026:20461-1
SUSE-SU-2026:20462-1
SUSE-SU-2026:20463-1
SUSE-SU-2026:20464-1
SUSE-SU-2026:20465-1
SUSE-SU-2026:20466-1
SUSE-SU-2026:20467-1
SUSE-SU-2026:20468-1
SUSE-SU-2026:20469-1
SUSE-SU-2026:20470-1
SUSE-SU-2026:20471-1
SUSE-SU-2026:20472-1
SUSE-SU-2026:20473-1
SUSE-SU-2026:20496-1
SUSE-SU-2026:20499-1
SUSE-SU-2026:20500-1
SUSE-SU-2026:20501-1
SUSE-SU-2026:20502-1
SUSE-SU-2026:20503-1
SUSE-SU-2026:20504-1
SUSE-SU-2026:20505-1
SUSE-SU-2026:20506-1
SUSE-SU-2026:20507-1
SUSE-SU-2026:20508-1
SUSE-SU-2026:20511-1
SUSE-SU-2026:20512-1
SUSE-SU-2026:20513-1
SUSE-SU-2026:20514-1
SUSE-SU-2026:20515-1
SUSE-SU-2026:20516-1
SUSE-SU-2026:20517-1
SUSE-SU-2026:20518-1
SUSE-SU-2026:20635-1
SUSE-SU-2026:20644-1
SUSE-SU-2026:20645-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8165-1
USN-8261-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu