CVE-2025-40202

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-40202

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40202.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-40202

Downstream

AZL-70115

BELL-CVE-2025-40202

DEBIAN-CVE-2025-40202

DLA-4379-1

OESA-2025-2765

OESA-2025-2766

OESA-2025-2767

ROOT-OS-DEBIAN-13-CVE-2025-40202

ROOT-OS-UBUNTU-2404-CVE-2025-40202

SUSE-SU-2026:0447-1

SUSE-SU-2026:0471-1

SUSE-SU-2026:0472-1

SUSE-SU-2026:0587-1

SUSE-SU-2026:20012-1

SUSE-SU-2026:20015-1

SUSE-SU-2026:20021-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

UBUNTU-CVE-2025-40202

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

openSUSE-SU-2025:20172-1

Related

Published

2025-11-12T21:56:34.527Z

Modified

2026-05-15T04:13:47.531576745Z

Summary

ipmi: Rework user message limit handling

Details

In the Linux kernel, the following vulnerability has been resolved:

ipmi: Rework user message limit handling

The limit on the number of user messages had a number of issues, improper counting in some cases and a use after free.

Restructure how this is all done to handle more in the receive message allocation routine, so all refcouting and user message limit counts are done in that routine. It's a lot cleaner and safer.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40202.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.19.0

Fixed

6.1.157

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.113

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.54

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40202.json"