PT-2025-46632 · Linux+3 · Linux Kernel+3

Published

2025-08-06

Updated

2026-04-20

CVE-2025-40157

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Linux kernel related to the i10nm edac driver on some Intel Granite Rapids servers. A call trace may appear due to a shift-out-of-bounds error in drivers/edac/skx common.c:453:16. This occurs when a BIOS disables a memory controller without any populated memory DIMMs, resulting in an invalid value (~0) in the DIMMMTR register. The issue is triggered during DIMM enumeration on a disabled memory controller. The function skx get dimm info.cold is called within skx edac common, which in turn is called by i10nm get dimm config within i10nm edac, and ultimately by skx register mci and i10nm init.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2025-14756

CVE-2025-40157

OPENSUSE-SU-2025:20172-1

SUSE-SU-2025:4393-1

SUSE-SU-2025:4422-1

SUSE-SU-2025:4505-1

SUSE-SU-2025:4516-1

SUSE-SU-2025:4517-1

SUSE-SU-2025:4521-1

SUSE-SU-2026:20012-1

SUSE-SU-2026:20015-1

SUSE-SU-2026:20021-1

SUSE-SU-2026:20039-1

SUSE-SU-2026:20059-1

SUSE-SU-2026:20473-1

SUSE-SU-2026:20496-1

USN-7879-1

USN-7879-2

USN-7879-3

USN-7879-4

USN-7887-1

USN-7887-2

USN-7934-1

USN-7940-1

USN-7940-2

Affected Products

Intel Granite Rapids

Linuxmint

Linux Kernel

Ubuntu

PT-2025-46632 · Linux+3 · Linux Kernel+3

CVE-2025-40157

Weakness Enumeration

Related Identifiers

Affected Products

References · 594