Kernel Error Handling Vulnerability in Linux Kernel Affecting Qualcomm Products
CVE-2025-40247

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 December 2025

What is CVE-2025-40247?

A vulnerability in the Linux kernel related to memory handling has been identified. This issue arises when the user pgtable attempts to navigate a NULL pointer, leading to a kernel crash. The problem is believed to stem from error path cleanup following a failed memory allocation, causing improper handling during the process. This vulnerability demands immediate attention as it could potentially lead to system instability and user data loss.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 830d68f2cb8ab6fb798bb9555016709a9e012af0

Linux 6.17.10 <= 6.17.*

References

https://git.kernel.org/stable/c/b865da18b6cb878f33b592069...

https://git.kernel.org/stable/c/830d68f2cb8ab6fb798bb9555...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON