Linux Kernel Vulnerability in SMC Networking Feature
CVE-2025-40012
What is CVE-2025-40012?
A vulnerability in the Linux kernel's SMC (Shared Memory Communication) implementation arises from improper memory allocation. Specifically, smc_lo_register_dmb() mistakenly uses kzalloc() to allocate DMB buffers, and smc_rx_splice() later passes those buffers to get_page(). The memory returned by kzalloc() is not the type get_page() expects, so the call can trigger a warning, and it can potentially lead to a use-after-free if the allocated memory is released before the splice operation completes. The recommended mitigation is to allocate the buffers with folio_alloc() instead, which ensures that the memory is page-backed and safely managed across system calls.
Affected Version(s)
Linux f7a22071dbf316c982fb44308874bd7ad9ac2091 < 14fc4fdae42e34d7ee871b292ac2ecc61c2c5de7
Linux f7a22071dbf316c982fb44308874bd7ad9ac2091