CVE-2025-40035
- Source
- https://cve.org/CVERecord?id=CVE-2025-40035
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40035.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-40035
- Downstream
- Related
- Published
- 2025-10-28T11:48:17.030Z
- Modified
- 2026-03-20T12:43:09.072852Z
- Summary
- Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Input: uinput - zero-initialize uinputffupload_compat to avoid info leak
Struct ffeffectcompat is embedded twice inside uinputffuploadcompat, contains internal padding. In particular, there is a hole after struct ffreplay to satisfy alignment requirements for the following union member. Without clearing the structure, copytouser() may leak stack data to userspace.
Initialize ffupcompat to zero before filling valid fields.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40035.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/1b317796013f666ae5040edbf0f230ec61496d42
- https://git.kernel.org/stable/c/48c96b7e9e03516936d6deba54b5553097eae817
- https://git.kernel.org/stable/c/877172b97786ed1678640dff0b2d35abb328844c
- https://git.kernel.org/stable/c/933b87c4590b42500299f00ff55f555903056803
- https://git.kernel.org/stable/c/d3366a04770eea807f2826cbdb96934dd8c9bf79
- https://git.kernel.org/stable/c/e63aade22a33e77b93c98c9f02db504d897a76b4
- https://git.kernel.org/stable/c/f5e1f3b85aadce74268c46676772c3e9fa79897e
- https://git.kernel.org/stable/c/fd8a23ecbc602d00e47b27f20b07350867d0ebe5
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40035.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-40035
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2d56f3a32c0e62f99c043d2579840f9731fe5855Fixed1b317796013f666ae5040edbf0f230ec61496d42Fixed877172b97786ed1678640dff0b2d35abb328844cFixede63aade22a33e77b93c98c9f02db504d897a76b4Fixed933b87c4590b42500299f00ff55f555903056803Fixedfd8a23ecbc602d00e47b27f20b07350867d0ebe5Fixed48c96b7e9e03516936d6deba54b5553097eae817Fixedf5e1f3b85aadce74268c46676772c3e9fa79897eFixedd3366a04770eea807f2826cbdb96934dd8c9bf79
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.29Fixed5.4.301
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.246
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.195
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.156
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.112
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.53
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.17.3