Memory Corruption in Linux Kernel Affecting IMX_SC_KEY Functionality
CVE-2025-40262

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 December 2025

What is CVE-2025-40262?

A vulnerability in the Linux kernel's imx_sc_key function allows for memory corruption due to incorrect use of memory addresses when passing parameters. Specifically, the function improperly passes a stack address instead of the intended private structure, leading to instability and potential exploitation when the imx_sc_key_action() function is executed. Addressing this issue is critical to maintaining system integrity and protecting against possible attacks.

Affected Version(s)

Linux 768062fd1284529212daffd360314e9aa93abb62

Linux 768062fd1284529212daffd360314e9aa93abb62 < 56881294915a6e866d31a46f9bcb5e19167cfbaa

Linux 768062fd1284529212daffd360314e9aa93abb62 < 6524a15d33951b18ac408ebbcb9c16e14e21c336

References

https://git.kernel.org/stable/c/ca9a08de9b294422376f47ade...

https://git.kernel.org/stable/c/56881294915a6e866d31a46f9...

https://git.kernel.org/stable/c/6524a15d33951b18ac408ebbc...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON