CVE-2025-40302
- Source
- https://cve.org/CVERecord?id=CVE-2025-40302
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40302.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-40302
- Downstream
- Related
- Published
- 2025-12-08T00:46:26.293Z
- Modified
- 2026-05-15T04:13:48.642317767Z
- Summary
- media: videobuf2: forbid remove_bufs when legacy fileio is active
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
media: videobuf2: forbid remove_bufs when legacy fileio is active
vb2ioctlremove_bufs() call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when fileio is active to protect internal queue state between subsequent read/write calls.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40302.json" }- References
-
- https://git.kernel.org/stable/c/27afd6e066cfd80ddbe22a4a11b99174ac89cced
- https://git.kernel.org/stable/c/a6a493b985bfffac097a4e1be09f98b27729dca8
- https://git.kernel.org/stable/c/e819b34df0a7030a15c968d619fa8a3ed2455c7a
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40302.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-40302
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git