Linux Kernel IPMI Driver Vulnerability Affecting Multiple Versions
CVE-2025-40192

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 November 2025

What is CVE-2025-40192?

A recent vulnerability in the Linux kernel's IPMI driver has been identified, where a bug in the patch could lead to the driver entering an infinite loop if it encounters specific misbehaviors from the Baseboard Management Controller (BMC). Reports indicate that certain BMCs frequently exhibit this problematic behavior, prompting the need for close monitoring and prompt patching to mitigate potential disruptions.

Affected Version(s)

Linux c608966f3f9c2dca596967501d00753282b395fc

Linux c608966f3f9c2dca596967501d00753282b395fc < 8cf5c24533b8058910fcb83a25a9cf0306383780

References

https://git.kernel.org/stable/c/f4aab940ae9eb3ba32e5332b3...

https://git.kernel.org/stable/c/b9cc7155e65f6feca51bfedd5...

https://git.kernel.org/stable/c/8cf5c24533b8058910fcb83a2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2025
Vulnerability Reserved
Apr 16, 2025

JSON