Linux Kernel USB Network Driver Vulnerability Impacting Processor ID Handling
CVE-2025-40164

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
12 November 2025

What is CVE-2025-40164?

A vulnerability in the Linux kernel's usbnet driver has been identified, which arises from incorrect use of the smp_processor_id() function in preemptible code. This can lead to undefined behavior during the execution of network-related processes, particularly affecting the usbnet_skb_return function. The issue, traced back to specific versions of the Linux kernel, has been addressed by implementing appropriate local_bh_disable/enable() protections within the usbnet_resume_rx function to prevent adverse effects in a softirq or interrupt context. Users are encouraged to update to the patched version to maintain system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 43daa96b166c3cf5ff30dfac0c5efa2620e4beab < 65d04291adf7c59338f87aab9c6fe0bfa9993e64

Linux 43daa96b166c3cf5ff30dfac0c5efa2620e4beab

Linux 43daa96b166c3cf5ff30dfac0c5efa2620e4beab < 17fbad93879e87a334062882b45fa727ba1b3dd7

References

https://git.kernel.org/stable/c/65d04291adf7c59338f87aab9...
https://git.kernel.org/stable/c/f45fffae5e2549bd0a4670cc5...
https://git.kernel.org/stable/c/17fbad93879e87a334062882b...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.