Data Leak Vulnerability in Linux Kernel's DRM Subsystem
CVE-2025-40276

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
6 December 2025

What is CVE-2025-40276?

A vulnerability exists in the Linux kernel's DRM subsystem, specifically within the shmem layer, where new pages are zeroed out using cached mappings. Failure to execute a CPU flush may leave dirty cachelines unaddressed, potentially resulting in harmful data leaks and the risk of asynchronous buffer corruption upon eviction of these cachelines. This vulnerability highlights the critical need for proper handling of memory management operations to ensure data integrity and system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8a1cc07578bf42d85f008316873d710ff684dd29 < 8355eea2a2e9c323021dfdcb95d7767d382123c4

Linux 8a1cc07578bf42d85f008316873d710ff684dd29 < 7a12f9c96d06b145562f76ffb20369b4692f0911

Linux 8a1cc07578bf42d85f008316873d710ff684dd29 < 576c930e5e7dcb937648490611a83f1bf0171048

References

https://git.kernel.org/stable/c/8355eea2a2e9c323021dfdcb9...
https://git.kernel.org/stable/c/7a12f9c96d06b145562f76ffb...
https://git.kernel.org/stable/c/576c930e5e7dcb93764849061...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.