CVE-2025-40071

Currently gsmqueue() processes incoming frames and when opening a DLC channel it calls gsmdlciopen() which calls gsmmodemupdate(). If basic mode is used it calls gsmmodemupdvia_msc() and it cannot block the input queue by waiting the response to come into the same input queue.

Instead allow sending Modem Status Command without waiting for remote end to respond. Define a new function gsmmodemsendinitialmsc() for this purpose. As MSC is only valid for basic encoding, it does not do anything for advanced or when convergence layer type 2 is used.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40071.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

48473802506d2d6151f59e0e764932b33b53cb3b

Fixed

c36785f9de03df56ff9b8eca30fa681a12b2310d

Fixed

5416e89b81b00443cb03c88df8da097ae091a141

Fixed

c5a2791a7f11939f05f95c01f0aec0c55bbf28d5

Fixed

3cf0b3c243e56bc43be560617416c1d9f301f44c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

920e849b7d23ced84c9d11e11e2449e34973cfb8

Last affected

e83b4e1540469babeffcfd44a605cf8a61542598

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40071.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.18.0

Fixed

6.6.112

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.53

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40071.json"