Main Vulnerability Database Vulnerabilities #VU117752

Improper error handling in Linux kernel - CVE-2025-40040

Published: October 28, 2025 / Updated: January 4, 2026

Vulnerability identifier: #VU117752

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2025-40040

CWE-ID: CWE-388

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the rust/bindings/bindings_helper.h. A local user can perform a denial of service (DoS) attack.

How to mitigate CVE-2025-40040

Install update from vendor's repository.

Sources

https://git.kernel.org/stable/c/76385629f45740b7888f8fcd83bde955b10f61fe
https://git.kernel.org/stable/c/92b82e232b8d8b116ac6e57aeae7a6033db92c60
https://git.kernel.org/stable/c/ac50c6e0a8f91a02b681af81abb2362fbb67cc18
https://git.kernel.org/stable/c/f04aad36a07cc17b7a5d5b9a2d386ce6fae63e93

Improper error handling in Linux kernel - CVE-2025-40040

Detailed vulnerability description

How to mitigate CVE-2025-40040

Sources

Please verify you're human