#VU118504 Input validation error in Linux kernel - CVE-2025-40188
Published: November 13, 2025
Vulnerability identifier: #VU118504
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-40188
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the berlin_pwm_suspend() and berlin_pwm_resume() functions in drivers/pwm/pwm-berlin.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/3a4b9d027e4061766f618292df91760ea64a1fcc
- https://git.kernel.org/stable/c/5419c86ea134b8a5b8126f55fa5bc1ad7b3ca444
- https://git.kernel.org/stable/c/6cef9e4425143b19742044c8a675335821fa1994
- https://git.kernel.org/stable/c/9ee5eb3d09217f115f63b7c102d110ccdb1b26af
- https://git.kernel.org/stable/c/d9457e6258750692c3b27f80880a613178053c25
- https://git.kernel.org/stable/c/da3cadb8b0f35d845b3e2fbb7d978cf6473fd221
- https://git.kernel.org/stable/c/dc3a1c6237e7f8046e6d4109bcf1998452ccafad
- https://git.kernel.org/stable/c/fd017aabd4273216ed4223f17991fc087163771f