CVE-2025-40117

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-40117

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40117.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-40117

Downstream

UBUNTU-CVE-2025-40117

Published

2025-11-12T10:23:17.851Z

Modified

2025-11-17T04:09:24.751622Z

Summary

misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()

Details

In the Linux kernel, the following vulnerability has been resolved:

misc: pciendpointtest: Fix array underflow in pciendpointtest_ioctl()

Commit eefb83790a0d ("misc: pciendpointtest: Add doorbell test case") added NOBAR (-1) to the pcibarno enum which, in practical terms, changes the enum from an unsigned int to a signed int. If the user passes a negative number in pciendpointtestioctl() then it results in an array underflow in pciendpointtestbar().

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

eefb83790a0dda112d1755e4f5e213738d717e76

Fixed

6df3687922570f753574c40b35e83b26b32292d0

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

eefb83790a0dda112d1755e4f5e213738d717e76

Fixed

1ad82f9db13d85667366044acdfb02009d576c5a

Affected versions

v6.*

v6.16

v6.16-rc2

v6.16-rc3

v6.16-rc4

v6.16-rc5

v6.16-rc6

v6.16-rc7

v6.17

v6.17-rc1

v6.17-rc2

v6.17-rc3

v6.17-rc4

v6.17-rc5

v6.17-rc6

v6.17-rc7

v6.17.1

v6.17.2

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.17.0

Fixed

6.17.3