Linux Kernel Input Queue Vulnerability in GSM Modem Communications
CVE-2025-40071
What is CVE-2025-40071?
The vulnerability in the Linux kernel affects GSM modem communications by improperly handling the input queue during the establishment of DLC channels. Specifically, the function gsm_queue() is affected, as it blocks input while waiting for responses from the remote end. This issue arises during the sending of Modem Status Commands (MSC) in basic mode, as it does not allow the process to continue without this response. A new function, gsm_modem_send_initial_msc(), has been introduced to rectify this by circumventing the response wait, thus improving efficiency in basic encoding but having no impact on advanced modes or type 2 convergence layers.
Affected Version(s)
Linux 48473802506d2d6151f59e0e764932b33b53cb3b
Linux 48473802506d2d6151f59e0e764932b33b53cb3b < 5416e89b81b00443cb03c88df8da097ae091a141
Linux 48473802506d2d6151f59e0e764932b33b53cb3b