Linux Kernel Vulnerability in DMA Transfer Handling by Vendor
CVE-2025-40172

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
12 November 2025

What is CVE-2025-40172?

A vulnerability exists in the Linux kernel's handling of DMA transfers, specifically within the find_and_map_user_pages() function. When a DMA transfer request is made with a length set to zero, or in scenarios where the host device incorrectly requests continuation after all bytes have been transferred, the function may fail to allocate necessary resources. This oversight results in access to uninitialized memory, leading to a general protection fault, which can cause instability and may be exploited. Proper error handling measures have been integrated to return an EINVAL in these cases to mitigate the issues.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 96d3c1cadedb6ae2e8965e19cd12caa244afbd9c < 48b1d42286bfef7628b1d6c8c28d4e456c90f725

Linux 96d3c1cadedb6ae2e8965e19cd12caa244afbd9c < 551f1dfbcb7f3e6ed07f9d6c8c1c64337fcd0ede

Linux 96d3c1cadedb6ae2e8965e19cd12caa244afbd9c < 1ab9733d14cc9987cc5dcd1f0ad1f416e302e2e6

References

https://git.kernel.org/stable/c/48b1d42286bfef7628b1d6c8c...
https://git.kernel.org/stable/c/551f1dfbcb7f3e6ed07f9d6c8...
https://git.kernel.org/stable/c/1ab9733d14cc9987cc5dcd1f0...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.