CVE-2025-40111

Nodes stored in the validation duplicates hashtable come from an arena allocator that is cleared at the end of vmwexecbufprocess. All nodes are expected to be cleared in vmwvalidationdrop_ht but this node escaped because its resource was destroyed prematurely.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40111.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

64ad2abfe9a628ce79859d072704bd1ef7682044

Fixed

1822e5287b7dfa59d0af966756ebf1dc652b60ee

Fixed

fb7165e5f3b3b10721ff70553583ad12e90e447a

Fixed

4c918f9d1ccccc0e092f43dcb2d8266f54d7340b

Fixed

9a8eaca539708ca532747f606d231f70e684e8ca

Fixed

867bda5d95d36f10da398fd4409e21c7002b2332

Fixed

655a2f29bfc21105c80bf8a7d7aafa6eca8b4496

Fixed

65608e991c2d771c13404e5c7ae122ac3c3357a4

Fixed

dfe1323ab3c8a4dd5625ebfdba44dc47df84512a

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40111.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.20.0

Fixed

5.4.301

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.246

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.195

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.157

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.113

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.54

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40111.json"