CVE-2025-40089
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-10-30

Last updated on: 2025-10-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxl_feature_info cxl EDAC calls cxl_feature_info() to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. [ 51.957498] BUG: kernel NULL pointer dereference, address: 0000000000000008 [ 51.965571] #PF: supervisor read access in kernel mode [ 51.971559] #PF: error_code(0x0000) - not-present page [ 51.977542] PGD 17e4f6067 P4D 0 [ 51.981384] Oops: Oops: 0000 [#1] SMP NOPTI [ 51.986300] CPU: 49 UID: 0 PID: 3782 Comm: systemd-udevd Not tainted 6.17.0dj test+ #64 PREEMPT(voluntary) [ 51.997355] Hardware name: <removed> [ 52.009790] RIP: 0010:cxl_feature_info+0xa/0x80 [cxl_core] Add a check for cxlfs before dereferencing it and return -EOPNOTSUPP if there is no cxlfs created due to no hardware support.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-30
Last Modified
2025-10-30
Generated
2026-06-16
AI Q&A
2025-10-30
EPSS Evaluated
2026-06-15
NVD
CVE-2025-40089
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a NULL pointer dereference in the Linux kernel's cxl_feature_info function. When the hardware does not support certain features, the cxl_feature_info function may receive a NULL pointer (cxlfs) and attempt to dereference it, causing a kernel crash (Oops). The fix adds a check for the NULL pointer and returns an error if no features are supported, preventing the crash.

Impact Analysis

This vulnerability can cause the Linux kernel to crash due to a NULL pointer dereference when accessing unsupported hardware features. This can lead to system instability, unexpected reboots, or denial of service on affected systems.

Detection Guidance

You can detect this vulnerability by monitoring your system logs for kernel NULL pointer dereference errors related to cxl_feature_info. Look for messages similar to: '[timestamp] BUG: kernel NULL pointer dereference, address: 0000000000000008' or 'Oops: Oops: 0000 [#1] SMP NOPTI' referencing cxl_feature_info in the kernel logs. Use commands like 'dmesg | grep cxl_feature_info' or 'journalctl -k | grep cxl_feature_info' to find such entries.

Mitigation Strategies

Immediate mitigation involves updating your Linux kernel to a version that includes the fix which adds a check for cxlfs before dereferencing it, preventing NULL pointer dereference. Until the update is applied, avoid using hardware or features that trigger cxl_feature_info calls if possible.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40089. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart