Kernel Vulnerability in PCI System Affecting RZ/G3S Host Controller
CVE-2025-40076

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 October 2025

What is CVE-2025-40076?

A vulnerability in the Linux kernel PCI subsystem has been identified, specifically affecting the rcar-host driver. The flaw arises when the MSI parent IRQ domain is improperly referenced, leading to a NULL pointer dereference during IRQ handling. This issue emerged during the transition to the msi_create_parent_irq_domain function, where inadequate testing on specific hardware configurations left the problem unreported. Successfully exploiting this vulnerability could allow an attacker to disrupt system functionality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch