CVE-2025-40076
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-10-28

Last updated on: 2025-10-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-host: Pass proper IRQ domain to generic_handle_domain_irq() Starting with commit dd26c1a23fd5 ("PCI: rcar-host: Switch to msi_create_parent_irq_domain()"), the MSI parent IRQ domain is NULL because the object of type struct irq_domain_info passed to: msi_create_parent_irq_domain() -> irq_domain_instantiate()() -> __irq_domain_instantiate() has no reference to the parent IRQ domain. Using msi->domain->parent as an argument for generic_handle_domain_irq() leads to below error: "Unable to handle kernel NULL pointer dereference at virtual address" This error was identified while switching the upcoming RZ/G3S PCIe host controller driver to msi_create_parent_irq_domain() (which was using a similar pattern to handle MSIs (see link section)), but it was not tested on hardware using the pcie-rcar-host controller driver due to lack of hardware. [mani: reworded subject and description]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-28
Last Modified
2025-10-30
Generated
2026-06-16
AI Q&A
2025-10-28
EPSS Evaluated
2026-06-15
NVD
CVE-2025-40076
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel involves the PCI rcar-host driver passing a NULL MSI parent IRQ domain to the function generic_handle_domain_irq(). This happens because the struct irq_domain_info object used in msi_create_parent_irq_domain() lacks a reference to the parent IRQ domain. As a result, when generic_handle_domain_irq() is called with a NULL pointer, it causes a kernel NULL pointer dereference error.

Impact Analysis

The vulnerability can cause the Linux kernel to encounter a NULL pointer dereference error, which may lead to kernel crashes or system instability when using the affected PCI rcar-host driver. This can disrupt normal system operations and potentially cause denial of service.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40076. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart