Linux Kernel Vulnerability in SCSI Driver Functions
CVE-2025-40259

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 December 2025

What is CVE-2025-40259?

A vulnerability in the Linux kernel's SCSI driver functions occurs when sg_finish_rem_req() is executed. The blk_rq_unmap_user() function called within this context is capable of entering a sleep state, which can lead to unintended consequences in a multi-threaded environment. By ensuring that sg_finish_rem_req() is called with interrupts enabled, this issue is mitigated, enhancing the overall stability and security of the kernel's SCSI subsystem.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 97d27b0dd015e980ade63fda111fd1353276e28b < 11eeee00c94d770d4e45364060b5f1526dfe567b

Linux 97d27b0dd015e980ade63fda111fd1353276e28b

Linux 97d27b0dd015e980ade63fda111fd1353276e28b < 109afbd88ecc46b6cc7551367222387e97999765

References

https://git.kernel.org/stable/c/11eeee00c94d770d4e4536406...
https://git.kernel.org/stable/c/db6ac8703ab2b473e1ec845f5...
https://git.kernel.org/stable/c/109afbd88ecc46b6cc7551367...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.