Out-of-Bounds Access Issue in Linux Kernel's Mailbox Cleanup Loop
CVE-2025-40180

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 12 November 2025

What is CVE-2025-40180?

A vulnerability in the Linux kernel's mailbox cleanup process allows out-of-bounds access due to improper indexing in the cleanup loop. The loop does not start at the correct zero-based index, so it can access memory beyond the allocated bounds. This is a security risk: it can permit unauthorized memory access and could lead to system instability or exposure of sensitive data. Users are advised to apply the latest security updates.
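The indexing mistake described above, as an added illustration (constructed code, not the kernel's own source): a cleanup loop that starts at index n of an n-element array, beside the form that steps back to the last valid zero-based index first. The struct, function names, array size and the assumption that the counter starts at n are all hypothetical; a spare guard slot stands in for adjacent memory so the faulty walk stays inside a real allocation.

```c
#include <stdio.h>

#define NUM_MBOXES 4                 /* constructed size for the demo */

struct mbox { int registered; };     /* hypothetical per-mailbox state */

/* Faulty cleanup: the counter starts at n (assumed: the value a completed
 * setup loop leaves behind), so the first iteration touches m[n]. */
static int cleanup_faulty(struct mbox *m, int n)
{
    int i = n, touched = 0;
    for (; i >= 0; i--) {
        m[i].registered = 0;
        touched++;
    }
    return touched;
}

/* Corrected cleanup: move to the last valid zero-based index (n - 1) first. */
static int cleanup_fixed(struct mbox *m, int n)
{
    int i = n, touched = 0;
    for (i--; i >= 0; i--) {
        m[i].registered = 0;
        touched++;
    }
    return touched;
}

/* Runs one variant over NUM_MBOXES slots followed by a guard slot.
 * Returns 1 if the guard slot is untouched, 0 if cleanup overwrote it. */
static int guard_survives(int use_fixed, int *touched)
{
    struct mbox slots[NUM_MBOXES + 1];
    for (int i = 0; i <= NUM_MBOXES; i++)
        slots[i].registered = 1;
    *touched = use_fixed ? cleanup_fixed(slots, NUM_MBOXES)
                         : cleanup_faulty(slots, NUM_MBOXES);
    return slots[NUM_MBOXES].registered == 1;
}

int main(void)
{
    int t, ok;
    ok = guard_survives(0, &t);
    printf("faulty: touched=%d guard_intact=%d\n", t, ok);
    ok = guard_survives(1, &t);
    printf("fixed:  touched=%d guard_intact=%d\n", t, ok);
    return 0;
}
```

Without the guard slot, the extra iteration in the faulty variant would read and write whatever follows the array.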

Affected Version(s)

Linux 4981b82ba2ff87df6a711fcd7a233c615df5fc79

Linux 4981b82ba2ff87df6a711fcd7a233c615df5fc79 < 0aead8197fc1a85b0a89646e418feb49a564b029
