CVE-2025-40155

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0 #191

Description The Linux kernel contains a flaw within the iommu/vt-d subsystem related to debugfs and legacy mode page table dump logic. In legacy mode, the SSPTPTR is not properly checked, potentially leading to a general protection fault when walking the page table. This can occur if the TT value is not 00b or 01b, resulting in an uninitialized or zero SSPTPTR. This condition can cause a kernel oops.

Recommendations Update to Linux kernel version 6.16.0 #191 or later.

Exploit

Fix

Access of Uninitialized Pointer

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-824CWE-704

Related Identifiers

BDU:2025-14945

CVE-2025-40155

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-40155

Weakness Enumeration

Related Identifiers

Affected Products

References · 1571