Linux Kernel Vulnerability in nios2 Configuration Affecting Memory Management
CVE-2025-40245

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 December 2025

What is CVE-2025-40245?

A vulnerability in the Linux kernel's nios2 architecture configuration can lead to improper memory management, resulting in kernel paging failures. Specifically, when CONFIG_FLATMEM is set, the kernel relies on memblock_get_current_limit() for determining memory mapping limits. If not properly initialized, this can cause max_low_pfn to exceed max_pfn, leading to persistent kernel panic errors. The introduced patch rectifies the issue by adjusting memblock.current_limit based on upper memory limits, thus preventing unintended memory access and ensuring system stability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 25f09699edd360b534ccae16bc276c3b52c471f3

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5c3e38a367822f036227dd52bac82dc4a05157e2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/25f09699edd360b534ccae16b...

https://git.kernel.org/stable/c/5c3e38a367822f036227dd52b...

https://git.kernel.org/stable/c/b1ec9faef7e36269ca3ec8909...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON