CVE-2025-40278
Deferred Deferred - Pending Action
BaseFortify

Publication date: 2025-12-06

Last updated on: 2026-06-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . [net?] KMSAN: kernel-infoleak in __skb_datagram_iter In tcf_ife_dump(), the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nla_put() copies the entire structure into a netlink message, these uninitialized bytes leaked to userspace. Initialize the structure with memset before assigning its fields to ensure all members and padding are cleared prior to beign copied. This change silences the KMSAN report and prevents potential information leaks from the kernel memory. This fix has been tested and validated by syzbot. This patch closes the bug reported at the following syzkaller link and ensures no infoleak.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-06
Last Modified
2026-06-02
Generated
2026-06-16
AI Q&A
2025-12-07
EPSS Evaluated
2026-06-15
NVD
CVE-2025-40278
EUVD
EUVD-2025-201577
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a kernel information leak in the Linux kernel related to the net scheduler's act_ife module. Specifically, a structure (tc_ife) was only partially initialized, leaving some padding bytes uninitialized. When this structure was copied into a netlink message, these uninitialized bytes leaked kernel memory contents to userspace, potentially exposing sensitive information. The issue was detected by KMSAN (Kernel Memory Sanitizer) and fixed by fully initializing the structure with memset before use.

Impact Analysis

This vulnerability can lead to leakage of kernel memory contents to userspace, which may expose sensitive or confidential information from the kernel memory. Such information leaks can be exploited by attackers to gain insights into the system's internal state, potentially aiding further attacks or compromising system security.

Mitigation Strategies

Apply the patch that initializes the struct tc_ife with memset before assigning its fields, as described in the fix for this vulnerability. This prevents kernel memory information leaks by ensuring all members and padding bytes are cleared prior to being copied. The fix has been tested and validated by syzbot.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-40278. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart