CVE-2025-40202

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ipmi: Rework user message limit handling The limit on the number of user messages had a number of issues, improper counting in some cases and a use after free. Restructure how this is all done to handle more in the receive message allocation routine, so all refcouting and user message limit counts are done in that routine. It's a lot cleaner and safer.

References

https://git.kernel.org/stable/c/f63723ca7d7623f9dae1990973cd158671f03c56

https://git.kernel.org/stable/c/b52da4054ee0bf9ecb44996f2c83236ff50b3812

https://git.kernel.org/stable/c/53d6e403affbf6df2c859a0ea00ccfc1e72090ca

https://git.kernel.org/stable/c/348121b29594d42d1635648fd3ed31dfa25351d5

https://git.kernel.org/stable/c/0ed73be9a2547ffb9b5c1d879ad9bfab73d920b5

Details

Source: Mitre, NVD

Published: 2025-11-12

Updated: 2025-11-14

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018