CVE-2025-40157
Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-11-12

Last updated on: 2025-11-12

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller

When loading the i10nm_edac driver on some Intel Granite Rapids servers, a call trace may appear as follows:

  UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:453:16
  shift exponent -66 is negative
  ...
  __ubsan_handle_shift_out_of_bounds+0x1e3/0x390
  skx_get_dimm_info.cold+0x47/0xd40 [skx_edac_common]
  i10nm_get_dimm_config+0x23e/0x390 [i10nm_edac]
  skx_register_mci+0x159/0x220 [skx_edac_common]
  i10nm_init+0xcb0/0x1ff0 [i10nm_edac]
  ...

This occurs because some BIOS may disable a memory controller if there aren't any memory DIMMs populated on this memory controller. The DIMMMTR register of this disabled memory controller contains the invalid value ~0, resulting in the call trace above.

Fix this call trace by skipping DIMM enumeration on a disabled memory controller.

Meta Information
Published: 2025-11-12
Last Modified: 2025-11-12
Generated: 2026-05-07
AI Q&A: 2025-11-13
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's EDAC/i10nm driver when it attempts to enumerate DIMMs on a disabled memory controller. Some BIOS configurations disable memory controllers if no memory DIMMs are populated, causing the DIMMMTR register to hold an invalid value (~0). This leads to a call trace error involving a shift-out-of-bounds operation. The fix involves skipping DIMM enumeration on disabled memory controllers to prevent this error.


How can this vulnerability impact me?

This vulnerability can cause errors or crashes in the Linux kernel when the i10nm_edac driver tries to access invalid memory controller information. This may affect system stability or reliability on affected Intel Granite Rapids servers with certain BIOS configurations that disable memory controllers without DIMMs.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by observing kernel logs for call traces related to the i10nm_edac driver, specifically messages indicating 'UBSAN: shift-out-of-bounds' errors in drivers/edac/skx_common.c. You can check the kernel log using commands such as 'dmesg | grep i10nm_edac' or 'journalctl -k | grep i10nm_edac' to look for these error traces.
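
A tighter form of the log check described above, as an added example that is not part of the original page: it reports only UBSAN shift-out-of-bounds reports in drivers/edac/skx_common.c whose following frames include both skx_get_dimm_info and i10nm_get_dimm_config, instead of every line that mentions i10nm_edac. The function names, the 40-line window and the sample log (built from the trace in the description, with made-up timestamps) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the advisory): find the CVE-2025-40157 trace signature.
# Reads kernel log text on stdin, prints each matching UBSAN header line,
# returns 0 if at least one report matched and 1 otherwise.
find_i10nm_ubsan() {
    awk '
    # A UBSAN report in the source file named in the description opens a window.
    /UBSAN: shift-out-of-bounds in drivers\/edac\/skx_common\.c/ {
        header = $0; window = 40; dimm = 0; i10nm = 0   # 40 lines: assumed bound
        next
    }
    # Inside the window, look for the two frames that tie the report to i10nm.
    window > 0 {
        window--
        if ($0 ~ /skx_get_dimm_info/)     dimm = 1
        if ($0 ~ /i10nm_get_dimm_config/) i10nm = 1
        if (dimm && i10nm) { print header; hits++; window = 0 }
    }
    END { exit (hits > 0 ? 0 : 1) }
    '
}

# Constructed sample: trace lines from the description, timestamps made up.
sample_log() {
    cat <<'EOF'
[   12.000001] i10nm_edac: constructed unrelated message
[   12.000002] UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:453:16
[   12.000003] shift exponent -66 is negative
[   12.000004]  __ubsan_handle_shift_out_of_bounds+0x1e3/0x390
[   12.000005]  skx_get_dimm_info.cold+0x47/0xd40 [skx_edac_common]
[   12.000006]  i10nm_get_dimm_config+0x23e/0x390 [i10nm_edac]
[   12.000007]  skx_register_mci+0x159/0x220 [skx_edac_common]
[   12.000008]  i10nm_init+0xcb0/0x1ff0 [i10nm_edac]
EOF
}

# On a live host: dmesg | find_i10nm_ubsan   or   journalctl -k | find_i10nm_ubsan
sample_log | find_i10nm_ubsan || echo "no matching report"
```

The exit status makes the function usable in a fleet check: a host that returns 0 logged the trace at driver load and is a candidate for the kernel update.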


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version where the i10nm_edac driver has been fixed to skip DIMM enumeration on disabled memory controllers. Until then, monitoring kernel logs for the described call trace can help identify affected systems. There are no specific configuration changes or patches mentioned other than applying the fix in the kernel.

