| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025111245-CVE-2025-40193-6519@gregkh>
Date: Wed, 12 Nov 2025 17:00:56 -0500
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2025-40193: xtensa: simdisk: add input size check in proc_write_simdisk
From: Greg Kroah-Hartman <gregkh@...nel.org>
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
xtensa: simdisk: add input size check in proc_write_simdisk
A malicious user could pass an arbitrarily bad value
to memdup_user_nul(), potentially causing kernel crash.
This follows the same pattern as commit ee76746387f6
("netdevsim: prevent bad user input in nsim_dev_health_break_write()")
The Linux kernel CVE team has assigned CVE-2025-40193 to this issue.
Affected and fixed versions
===========================
Issue introduced in 3.9 with commit b6c7e873daf765e41233b9752083b66442703b7a and fixed in 6.1.157 with commit f40405ccfb87b71175f2d5d004c0b8a0aebcc2cf
Issue introduced in 3.9 with commit b6c7e873daf765e41233b9752083b66442703b7a and fixed in 6.6.113 with commit 151bd88859474cdaccc1e4c8b21fbf72dbba2ab4
Issue introduced in 3.9 with commit b6c7e873daf765e41233b9752083b66442703b7a and fixed in 6.12.54 with commit d381de7fd4cdc928ede96987dc64b133e6480dd6
Issue introduced in 3.9 with commit b6c7e873daf765e41233b9752083b66442703b7a and fixed in 6.17.4 with commit a0c2c36d864ef3676b05cfd8c58b72ee3214cb1a
Issue introduced in 3.9 with commit b6c7e873daf765e41233b9752083b66442703b7a and fixed in 6.18-rc1 with commit 5d5f08fd0cd970184376bee07d59f635c8403f63
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2025-40193
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
arch/xtensa/platforms/iss/simdisk.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/f40405ccfb87b71175f2d5d004c0b8a0aebcc2cf
https://git.kernel.org/stable/c/151bd88859474cdaccc1e4c8b21fbf72dbba2ab4
https://git.kernel.org/stable/c/d381de7fd4cdc928ede96987dc64b133e6480dd6
https://git.kernel.org/stable/c/a0c2c36d864ef3676b05cfd8c58b72ee3214cb1a
https://git.kernel.org/stable/c/5d5f08fd0cd970184376bee07d59f635c8403f63
Powered by blists - more mailing lists