CVE-2025-40222

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc1+ #30

Description The Linux kernel contains a flaw in the serial handling code for the SH-SCI (SuperH Serial Communication Interface). Specifically, the receive error handling code incorrectly manages FIFO overrun conditions for RSCI (Receive Status Control Interrupt) ports. The issue arises from an incorrect memory offset used when accessing the overrun register for RSCI, leading to out-of-bounds access and a potential system crash. The sci serial in() function and sci handle fifo overrun() are involved in this issue. The sci getreg() function is called with an invalid register index, causing the system to access memory outside the expected bounds of the RSCI port parameters structure. This results in a warning message indicating an invalid register access. The problem does not affect the sci mpxed interrupt() interrupt handler, as it is not used for RSCI.

Recommendations Update to a version newer than 6.17.0-rc1+ #30.