CVE-2025-40278
BaseFortify
Publication date: 2025-12-06
Last updated on: 2025-12-08
Assigner: kernel.org
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a kernel information leak in the Linux kernel related to the net scheduler's act_ife module. Specifically, a structure (tc_ife) was only partially initialized, leaving some padding bytes uninitialized. When this structure was copied into a netlink message, these uninitialized bytes leaked kernel memory contents to userspace, potentially exposing sensitive information. The issue was detected by KMSAN (Kernel Memory Sanitizer) and fixed by fully initializing the structure with memset before use.
How can this vulnerability impact me?
This vulnerability can lead to leakage of kernel memory contents to userspace, which may expose sensitive or confidential information from the kernel memory. Such information leaks can be exploited by attackers to gain insights into the system's internal state, potentially aiding further attacks or compromising system security.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that initializes the struct tc_ife with memset before assigning its fields, as described in the fix for this vulnerability. This prevents kernel memory information leaks by ensuring all members and padding bytes are cleared prior to being copied. The fix has been tested and validated by syzbot.
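The leak mechanism and the memset fix described in the answers above can be reproduced in userspace with the following added example, which is not code from the kernel or from the patch. `struct demo_opt`, the `STALE` marker and both function names are hypothetical, and the stale memory is simulated with a constructed byte pattern; the C standard leaves padding values unspecified after member stores, and the example relies on mainstream compilers leaving them untouched.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for an option struct copied into a netlink message.
 * It is NOT the kernel's definition of struct tc_ife. */
struct demo_opt {
    uint32_t index, capab;
    int32_t  action, refcnt, bindcnt;
    uint16_t flags;   /* tail padding follows so sizeof is a multiple of 4 */
};

#define STALE 0xA5    /* constructed marker standing in for old memory contents */

/* Bytes of the object that belong to no named member. */
size_t padding_bytes(void)
{
    return sizeof(struct demo_opt) - offsetof(struct demo_opt, flags) - sizeof(uint16_t);
}

/* Build the struct over stale memory, copy all sizeof(opt) bytes out, and count
 * stale bytes in the copy. zero_first=0: members only; 1: memset first (the fix). */
size_t leaked_bytes(int zero_first)
{
    union { struct demo_opt opt; unsigned char raw[sizeof(struct demo_opt)]; } slot;
    unsigned char msg[sizeof(struct demo_opt)];
    size_t i, leaked = 0;

    memset(slot.raw, STALE, sizeof(slot.raw));    /* simulate reused memory */
    if (zero_first)
        memset(&slot.opt, 0, sizeof(slot.opt));   /* clears padding as well */
    slot.opt.index = 1;
    slot.opt.refcnt = 1;
    slot.opt.bindcnt = 1;
    slot.opt.capab = 0;
    slot.opt.action = 0;
    slot.opt.flags = 0;
    memcpy(msg, &slot.opt, sizeof(msg));          /* whole object, padding included */
    for (i = 0; i < sizeof(msg); i++)
        leaked += (msg[i] == STALE);
    return leaked;
}

int main(void)
{
    printf("padding=%zu partial=%zu zeroed=%zu\n", padding_bytes(), leaked_bytes(0), leaked_bytes(1));
    return 0;
}
```

Every named member is assigned in both runs, so the only difference in the copied-out bytes comes from the padding, which is why tools such as KMSAN are needed to spot this class of bug.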