SB2025111344 - Input validation error in Linux kernel pwm driver
Published: November 13, 2025
Security Bulletin ID
SB2025111344
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2025-40188)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the berlin_pwm_suspend() and berlin_pwm_resume() functions in drivers/pwm/pwm-berlin.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3a4b9d027e4061766f618292df91760ea64a1fcc
- https://git.kernel.org/stable/c/5419c86ea134b8a5b8126f55fa5bc1ad7b3ca444
- https://git.kernel.org/stable/c/6cef9e4425143b19742044c8a675335821fa1994
- https://git.kernel.org/stable/c/9ee5eb3d09217f115f63b7c102d110ccdb1b26af
- https://git.kernel.org/stable/c/d9457e6258750692c3b27f80880a613178053c25
- https://git.kernel.org/stable/c/da3cadb8b0f35d845b3e2fbb7d978cf6473fd221
- https://git.kernel.org/stable/c/dc3a1c6237e7f8046e6d4109bcf1998452ccafad
- https://git.kernel.org/stable/c/fd017aabd4273216ed4223f17991fc087163771f