CVE-2025-40264

NONE EPSS 8.0%
Published Dec 4, 20257mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 4, 2025 7mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pkt_to_bmc() call site.  This may lead to dereferencing a NULL pointer when processing a workaround for specific packet, as commit bc0c3405abbb ("be2net: fix a Tx stall bug caused by a specific ipv6 packet") states. The correct way would be to pass the wrb_params from be_xmit().

Threat Intelligence

EPSS Exploit Probability
8.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 9

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-253495.html
  • git.kernel.org https://git.kernel.org/stable/c/012ee5882b1830db469194466a210768ed207388
  • git.kernel.org https://git.kernel.org/stable/c/1ecd86ec6efddb59a10c927e8e679f183bb9113e
  • git.kernel.org https://git.kernel.org/stable/c/48d59b60dd5d7e4c48c077a2008c9dcd7b59bdfe
  • git.kernel.org https://git.kernel.org/stable/c/4c4741f6e7f2fa4e1486cb61e1c15b9236ec134d
  • git.kernel.org https://git.kernel.org/stable/c/630360c6724e27f1aa494ba3fffe1e38c4205284
  • git.kernel.org https://git.kernel.org/stable/c/7d277a7a58578dd62fd546ddaef459ec24ccae36
  • git.kernel.org https://git.kernel.org/stable/c/ce0a3699244aca3acb659f143c9cb1327b210f89
  • git.kernel.org https://git.kernel.org/stable/c/f499dfa5c98e92e72dd454eb95a1000a448f3405

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.