CVE-2025-40118

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-40118
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40118.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-40118
Downstream
Published
2025-11-12T10:23:18.179Z
Modified
2025-11-17T04:28:14.196141Z
Summary
scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod

Since commit f7b705c238d1 ("scsi: pm80xx: Set phy_attached to zero when device is gone") UBSAN reports:

UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:17 index 28 is out of range for type 'pm8001phy [16]'

on rmmod when using an expander.

For a direct attached device, attachedphy contains the local phy id. For a device behind an expander, attachedphy contains the remote phy id, not the local phy id.

I.e. while pm8001ha will have pm8001ha->chip->nphy local phys, for a device behind an expander, attachedphy can be much larger than pm8001ha->chip->nphy (depending on the amount of phys of the expander).

E.g. on my system pm8001_ha has 8 phys with phy ids 0-7. One of the ports has an expander connected. The expander has 31 phys with phy ids 0-30.

The pm8001ha->phy array only contains the phys of the HBA. It does not contain the phys of the expander. Thus, it is wrong to use attachedphy to index the pm8001_ha->phy array for a device behind an expander.

Thus, we can only clear phy_attached for devices that are directly attached.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
05b512879eab41faa515b67fa3896d0005e97909
Fixed
d94be0a6ae9ade706d4270e740bdb4f79953a7fc
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bc2140c8136200b4437e1abc0fb659968cb9baab
Fixed
45acbf154befedd9bc135f5e031fe7855d1e6493
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1d8f9378cb4800c18e20d80ecd605b2b93e87a03
Fixed
eef5ef400893f8e3dbb09342583be0cdc716d566
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
30e482dfb8f27d22f518695d4bcb5e7f4c6cb08a
Fixed
9c671d4dbfbfb0d73cfdfb706afb36d9ad60a582
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a862d24e1fc3ab1b5e5f20878d2898cea346d0ec
Fixed
e62251954a128a2d0fcbc19e5fa39e08935bb628
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0f9802f174227f553959422f844eeb9ba72467fe
Fixed
9326a1541e1b7ed3efdbab72061b82cf01c6477a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f7b705c238d1483f0a766e2b20010f176e5c0fb7
Fixed
83ced3c206c292458e47c7fac54223abc7141585
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f7b705c238d1483f0a766e2b20010f176e5c0fb7
Fixed
251be2f6037fb7ab399f68cd7428ff274133d693
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
722026c010fa75bcf9e2373aff1d7930a3d7e3cf

Affected versions

v2.*

v2.6.12
v2.6.12-rc2
v2.6.12-rc3
v2.6.12-rc4
v2.6.12-rc5
v2.6.12-rc6
v2.6.13
v2.6.13-rc1
v2.6.13-rc2
v2.6.13-rc3
v2.6.13-rc4
v2.6.13-rc5
v2.6.13-rc6
v2.6.13-rc7
v2.6.14
v2.6.14-rc1
v2.6.14-rc2
v2.6.14-rc3
v2.6.14-rc4
v2.6.14-rc5
v2.6.15
v2.6.15-rc1
v2.6.15-rc2
v2.6.15-rc3
v2.6.15-rc4
v2.6.15-rc5
v2.6.15-rc6
v2.6.15-rc7
v2.6.16
v2.6.16-rc1
v2.6.16-rc2
v2.6.16-rc3
v2.6.16-rc4
v2.6.16-rc5
v2.6.16-rc6
v2.6.17
v2.6.17-rc1
v2.6.17-rc2
v2.6.17-rc3
v2.6.17-rc4
v2.6.17-rc5
v2.6.17-rc6
v2.6.18
v2.6.18-rc1
v2.6.18-rc2
v2.6.18-rc3
v2.6.18-rc4
v2.6.18-rc5
v2.6.18-rc6
v2.6.18-rc7
v2.6.19
v2.6.19-rc1
v2.6.19-rc2
v2.6.19-rc3
v2.6.19-rc4
v2.6.19-rc5
v2.6.19-rc6
v2.6.20
v2.6.20-rc1
v2.6.20-rc2
v2.6.20-rc3
v2.6.20-rc4
v2.6.20-rc5
v2.6.20-rc6
v2.6.20-rc7
v2.6.21
v2.6.21-rc1
v2.6.21-rc2
v2.6.21-rc3
v2.6.21-rc4
v2.6.21-rc5
v2.6.21-rc6
v2.6.21-rc7
v2.6.22
v2.6.22-rc1
v2.6.22-rc2
v2.6.22-rc3
v2.6.22-rc4
v2.6.22-rc5
v2.6.22-rc6
v2.6.22-rc7
v2.6.23
v2.6.23-rc1
v2.6.23-rc2
v2.6.23-rc3
v2.6.23-rc4
v2.6.23-rc5
v2.6.23-rc6
v2.6.23-rc7
v2.6.23-rc8
v2.6.23-rc9
v2.6.24
v2.6.24-rc1
v2.6.24-rc2
v2.6.24-rc3
v2.6.24-rc4
v2.6.24-rc5
v2.6.24-rc6
v2.6.24-rc7
v2.6.24-rc8
v2.6.25
v2.6.25-rc1
v2.6.25-rc2
v2.6.25-rc3
v2.6.25-rc4
v2.6.25-rc5
v2.6.25-rc6
v2.6.25-rc7
v2.6.25-rc8
v2.6.25-rc9
v2.6.26
v2.6.26-rc1
v2.6.26-rc2
v2.6.26-rc3
v2.6.26-rc4
v2.6.26-rc5
v2.6.26-rc6
v2.6.26-rc7
v2.6.26-rc8
v2.6.26-rc9
v2.6.27
v2.6.27-rc1
v2.6.27-rc2
v2.6.27-rc3
v2.6.27-rc4
v2.6.27-rc5
v2.6.27-rc6
v2.6.27-rc7
v2.6.27-rc8
v2.6.27-rc9
v2.6.28
v2.6.28-rc1
v2.6.28-rc2
v2.6.28-rc3
v2.6.28-rc4
v2.6.28-rc5
v2.6.28-rc6
v2.6.28-rc7
v2.6.28-rc8
v2.6.28-rc9
v2.6.29
v2.6.29-rc1
v2.6.29-rc2
v2.6.29-rc3
v2.6.29-rc4
v2.6.29-rc5
v2.6.29-rc6
v2.6.29-rc7
v2.6.29-rc8
v2.6.30
v2.6.30-rc1
v2.6.30-rc2
v2.6.30-rc3
v2.6.30-rc4
v2.6.30-rc5
v2.6.30-rc6
v2.6.30-rc7
v2.6.30-rc8
v2.6.31
v2.6.31-rc1
v2.6.31-rc2
v2.6.31-rc3
v2.6.31-rc4
v2.6.31-rc5
v2.6.31-rc6
v2.6.31-rc7
v2.6.31-rc8
v2.6.31-rc9
v2.6.32
v2.6.32-rc1
v2.6.32-rc2
v2.6.32-rc3
v2.6.32-rc4
v2.6.32-rc5
v2.6.32-rc6
v2.6.32-rc7
v2.6.32-rc8
v2.6.33
v2.6.33-rc1
v2.6.33-rc2
v2.6.33-rc3
v2.6.33-rc4
v2.6.33-rc5
v2.6.33-rc6
v2.6.33-rc7
v2.6.33-rc8
v2.6.34
v2.6.34-rc1
v2.6.34-rc2
v2.6.34-rc3
v2.6.34-rc4
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v2.6.35
v2.6.35-rc1
v2.6.35-rc2
v2.6.35-rc3
v2.6.35-rc4
v2.6.35-rc5
v2.6.35-rc6
v2.6.36
v2.6.36-rc1
v2.6.36-rc2
v2.6.36-rc3
v2.6.36-rc4
v2.6.36-rc5
v2.6.36-rc6
v2.6.36-rc7
v2.6.36-rc8
v2.6.37
v2.6.37-rc1
v2.6.37-rc2
v2.6.37-rc3
v2.6.37-rc4
v2.6.37-rc5
v2.6.37-rc6
v2.6.37-rc7
v2.6.37-rc8
v2.6.38
v2.6.38-rc1
v2.6.38-rc2
v2.6.38-rc3
v2.6.38-rc4
v2.6.38-rc5
v2.6.38-rc6
v2.6.38-rc7
v2.6.38-rc8
v2.6.39
v2.6.39-rc1
v2.6.39-rc2
v2.6.39-rc3
v2.6.39-rc4
v2.6.39-rc5
v2.6.39-rc6
v2.6.39-rc7

v3.*

v3.0
v3.0-rc1
v3.0-rc2
v3.0-rc3
v3.0-rc4
v3.0-rc5
v3.0-rc6
v3.0-rc7
v3.1
v3.1-rc1
v3.1-rc10
v3.1-rc2
v3.1-rc3
v3.1-rc4
v3.1-rc5
v3.1-rc6
v3.1-rc7
v3.1-rc8
v3.1-rc9
v3.10
v3.10-rc1
v3.10-rc2
v3.10-rc3
v3.10-rc4
v3.10-rc5
v3.10-rc6
v3.10-rc7
v3.11
v3.11-rc1
v3.11-rc2
v3.11-rc3
v3.11-rc4
v3.11-rc5
v3.11-rc6
v3.11-rc7
v3.12
v3.12-rc1
v3.12-rc2
v3.12-rc3
v3.12-rc4
v3.12-rc5
v3.12-rc6
v3.12-rc7
v3.13
v3.13-rc1
v3.13-rc2
v3.13-rc3
v3.13-rc4
v3.13-rc5
v3.13-rc6
v3.13-rc7
v3.13-rc8
v3.14
v3.14-rc1
v3.14-rc2
v3.14-rc3
v3.14-rc4
v3.14-rc5
v3.14-rc6
v3.14-rc7
v3.14-rc8
v3.15
v3.15-rc1
v3.15-rc2
v3.15-rc3
v3.15-rc4
v3.15-rc5
v3.15-rc6
v3.15-rc7
v3.15-rc8
v3.16
v3.16-rc1
v3.16-rc2
v3.16-rc3
v3.16-rc4
v3.16-rc5
v3.16-rc6
v3.16-rc7
v3.17
v3.17-rc1
v3.17-rc2
v3.17-rc3
v3.17-rc4
v3.17-rc5
v3.17-rc6
v3.17-rc7
v3.18
v3.18-rc1
v3.18-rc2
v3.18-rc3
v3.18-rc4
v3.18-rc5
v3.18-rc6
v3.18-rc7
v3.19
v3.19-rc1
v3.19-rc2
v3.19-rc3
v3.19-rc4
v3.19-rc5
v3.19-rc6
v3.19-rc7
v3.2
v3.2-rc1
v3.2-rc2
v3.2-rc3
v3.2-rc4
v3.2-rc5
v3.2-rc6
v3.2-rc7
v3.3
v3.3-rc1
v3.3-rc2
v3.3-rc3
v3.3-rc4
v3.3-rc5
v3.3-rc6
v3.3-rc7
v3.4
v3.4-rc1
v3.4-rc2
v3.4-rc3
v3.4-rc4
v3.4-rc5
v3.4-rc6
v3.4-rc7
v3.5
v3.5-rc1
v3.5-rc2
v3.5-rc3
v3.5-rc4
v3.5-rc5
v3.5-rc6
v3.5-rc7
v3.6
v3.6-rc1
v3.6-rc2
v3.6-rc3
v3.6-rc4
v3.6-rc5
v3.6-rc6
v3.6-rc7
v3.7
v3.7-rc1
v3.7-rc2
v3.7-rc3
v3.7-rc4
v3.7-rc5
v3.7-rc6
v3.7-rc7
v3.7-rc8
v3.8
v3.8-rc1
v3.8-rc2
v3.8-rc3
v3.8-rc4
v3.8-rc5
v3.8-rc6
v3.8-rc7
v3.9
v3.9-rc1
v3.9-rc2
v3.9-rc3
v3.9-rc4
v3.9-rc5
v3.9-rc6
v3.9-rc7
v3.9-rc8

v4.*

v4.0
v4.0-rc1
v4.0-rc2
v4.0-rc3
v4.0-rc4
v4.0-rc5
v4.0-rc6
v4.0-rc7
v4.1
v4.1-rc1
v4.1-rc2
v4.1-rc3
v4.1-rc4
v4.1-rc5
v4.1-rc6
v4.1-rc7
v4.1-rc8
v4.10
v4.10-rc1
v4.10-rc2
v4.10-rc3
v4.10-rc4
v4.10-rc5
v4.10-rc6
v4.10-rc7
v4.10-rc8
v4.11
v4.11-rc1
v4.11-rc2
v4.11-rc3
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.2
v4.2-rc1
v4.2-rc2
v4.2-rc3
v4.2-rc4
v4.2-rc5
v4.2-rc6
v4.2-rc7
v4.2-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v4.3
v4.3-rc1
v4.3-rc2
v4.3-rc3
v4.3-rc4
v4.3-rc5
v4.3-rc6
v4.3-rc7
v4.4
v4.4-rc1
v4.4-rc2
v4.4-rc3
v4.4-rc4
v4.4-rc5
v4.4-rc6
v4.4-rc7
v4.4-rc8
v4.5
v4.5-rc1
v4.5-rc2
v4.5-rc3
v4.5-rc4
v4.5-rc5
v4.5-rc6
v4.5-rc7
v4.6
v4.6-rc1
v4.6-rc2
v4.6-rc3
v4.6-rc4
v4.6-rc5
v4.6-rc6
v4.6-rc7
v4.7
v4.7-rc1
v4.7-rc2
v4.7-rc3
v4.7-rc4
v4.7-rc5
v4.7-rc6
v4.7-rc7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6
v4.9-rc7
v4.9-rc8

v5.*

v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.237
v5.10.238
v5.10.239
v5.10.240
v5.10.241
v5.10.242
v5.10.243
v5.10.244
v5.10.245
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.181
v5.15.182
v5.15.183
v5.15.184
v5.15.185
v5.15.186
v5.15.187
v5.15.188
v5.15.189
v5.15.190
v5.15.191
v5.15.192
v5.15.193
v5.15.194
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.4.293
v5.4.294
v5.4.295
v5.4.296
v5.4.297
v5.4.298
v5.4.299
v5.4.300
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.136
v6.1.137
v6.1.138
v6.1.139
v6.1.140
v6.1.141
v6.1.142
v6.1.143
v6.1.144
v6.1.145
v6.1.146
v6.1.147
v6.1.148
v6.1.149
v6.1.150
v6.1.151
v6.1.152
v6.1.153
v6.1.154
v6.1.155
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.46
v6.12.47
v6.12.48
v6.12.49
v6.12.50
v6.12.51
v6.12.52
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1
v6.14.2
v6.14.3
v6.14.4
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.17
v6.17-rc1
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.17.1
v6.17.2
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.100
v6.6.101
v6.6.102
v6.6.103
v6.6.104
v6.6.105
v6.6.106
v6.6.107
v6.6.108
v6.6.109
v6.6.110
v6.6.111
v6.6.89
v6.6.90
v6.6.91
v6.6.92
v6.6.93
v6.6.94
v6.6.95
v6.6.96
v6.6.97
v6.6.98
v6.6.99
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2025-40118-09eca37f",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@83ced3c206c292458e47c7fac54223abc7141585",
        "digest": {
            "line_hashes": [
                "335639088861372856347083116637232299100",
                "291984732064220839497074127455050958786",
                "305840281758919856617804356145219456960",
                "273653003243025278300139353155357856369",
                "288388621287135302304966771956729504173",
                "183416554311724930172703956649527900042",
                "252799418961609379088159442659849428549",
                "127085740309634405130968930915514648967"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2025-40118-0a8694a1",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c",
            "function": "pm8001_dev_gone_notify"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d94be0a6ae9ade706d4270e740bdb4f79953a7fc",
        "digest": {
            "function_hash": "244344639912141738242032041759548390873",
            "length": 755.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2025-40118-20378ffe",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e62251954a128a2d0fcbc19e5fa39e08935bb628",
        "digest": {
            "line_hashes": [
                "335639088861372856347083116637232299100",
                "291984732064220839497074127455050958786",
                "305840281758919856617804356145219456960",
                "273653003243025278300139353155357856369",
                "288388621287135302304966771956729504173",
                "183416554311724930172703956649527900042",
                "252799418961609379088159442659849428549",
                "127085740309634405130968930915514648967"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2025-40118-6a97737a",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45acbf154befedd9bc135f5e031fe7855d1e6493",
        "digest": {
            "line_hashes": [
                "335639088861372856347083116637232299100",
                "291984732064220839497074127455050958786",
                "305840281758919856617804356145219456960",
                "273653003243025278300139353155357856369",
                "288388621287135302304966771956729504173",
                "183416554311724930172703956649527900042",
                "252799418961609379088159442659849428549",
                "127085740309634405130968930915514648967"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2025-40118-79e0f757",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c",
            "function": "pm8001_dev_gone_notify"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eef5ef400893f8e3dbb09342583be0cdc716d566",
        "digest": {
            "function_hash": "72758585857479680976782963748676706273",
            "length": 773.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2025-40118-80c56849",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c671d4dbfbfb0d73cfdfb706afb36d9ad60a582",
        "digest": {
            "line_hashes": [
                "335639088861372856347083116637232299100",
                "291984732064220839497074127455050958786",
                "305840281758919856617804356145219456960",
                "273653003243025278300139353155357856369",
                "288388621287135302304966771956729504173",
                "183416554311724930172703956649527900042",
                "252799418961609379088159442659849428549",
                "127085740309634405130968930915514648967"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2025-40118-822aa9e8",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c",
            "function": "pm8001_dev_gone_notify"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@83ced3c206c292458e47c7fac54223abc7141585",
        "digest": {
            "function_hash": "283322881553148876603369034310675176829",
            "length": 764.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2025-40118-8b735a92",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c",
            "function": "pm8001_dev_gone_notify"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45acbf154befedd9bc135f5e031fe7855d1e6493",
        "digest": {
            "function_hash": "72758585857479680976782963748676706273",
            "length": 773.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2025-40118-9587dce2",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c",
            "function": "pm8001_dev_gone_notify"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@251be2f6037fb7ab399f68cd7428ff274133d693",
        "digest": {
            "function_hash": "283322881553148876603369034310675176829",
            "length": 764.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2025-40118-a1823a52",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eef5ef400893f8e3dbb09342583be0cdc716d566",
        "digest": {
            "line_hashes": [
                "335639088861372856347083116637232299100",
                "291984732064220839497074127455050958786",
                "305840281758919856617804356145219456960",
                "273653003243025278300139353155357856369",
                "288388621287135302304966771956729504173",
                "183416554311724930172703956649527900042",
                "252799418961609379088159442659849428549",
                "127085740309634405130968930915514648967"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2025-40118-c2cb349d",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c",
            "function": "pm8001_dev_gone_notify"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c671d4dbfbfb0d73cfdfb706afb36d9ad60a582",
        "digest": {
            "function_hash": "283322881553148876603369034310675176829",
            "length": 764.0
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2025-40118-d05d4a37",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@251be2f6037fb7ab399f68cd7428ff274133d693",
        "digest": {
            "line_hashes": [
                "335639088861372856347083116637232299100",
                "291984732064220839497074127455050958786",
                "305840281758919856617804356145219456960",
                "273653003243025278300139353155357856369",
                "288388621287135302304966771956729504173",
                "183416554311724930172703956649527900042",
                "252799418961609379088159442659849428549",
                "127085740309634405130968930915514648967"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2025-40118-e4cca723",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d94be0a6ae9ade706d4270e740bdb4f79953a7fc",
        "digest": {
            "line_hashes": [
                "335639088861372856347083116637232299100",
                "291984732064220839497074127455050958786",
                "305840281758919856617804356145219456960",
                "273653003243025278300139353155357856369",
                "288388621287135302304966771956729504173",
                "183416554311724930172703956649527900042",
                "252799418961609379088159442659849428549",
                "275986531895114437532353967209971271662"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2025-40118-e91b12f0",
        "target": {
            "file": "drivers/scsi/pm8001/pm8001_sas.c",
            "function": "pm8001_dev_gone_notify"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e62251954a128a2d0fcbc19e5fa39e08935bb628",
        "digest": {
            "function_hash": "283322881553148876603369034310675176829",
            "length": 764.0
        },
        "signature_version": "v1"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.301
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.246
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.195
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.156
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.112
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.53
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.17.3