CVE-2025-40266

NONE EPSS 6.7%
Published Dec 4, 20256mo ago · Modified Jun 17, 20261w ago
Find Similar
Published Dec 4, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value [U32_MAX - sizeof(struct ffa_composite_mem_region) + 1, U32_MAX] is set from the host kernel.

Threat Intelligence

EPSS Exploit Probability
6.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 4

  • git.kernel.org https://git.kernel.org/stable/c/103e17aac09cdd358133f9e00998b75d6c1f1518
  • git.kernel.org https://git.kernel.org/stable/c/bc1909ef38788f2ee3d8011d70bf029948433051
  • git.kernel.org https://git.kernel.org/stable/c/f9f1aed6c8a3427900da3121e1868124854569c3
  • git.kernel.org https://git.kernel.org/stable/c/fc3139d9f4c1fe1c7d5f25f99676bd8e9c6a1041

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.