#VU118403 Out-of-bounds read in Linux kernel - CVE-2025-40121
Published: November 12, 2025
Vulnerability identifier: #VU118403
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-40121
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the MODULE_PARM_DESC() function in sound/soc/intel/boards/bytcr_rt5651.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/2204e582b4eea872e1e7a5c90edcb84b928c68b0
- https://git.kernel.org/stable/c/4336efb59ef364e691ef829a73d9dbd4d5ed7c7b
- https://git.kernel.org/stable/c/64a36a7032082b4c330ce081acb6efb99246020e
- https://git.kernel.org/stable/c/95e29db33b5f73218ae08ebb48c61c9a8d28e2ff
- https://git.kernel.org/stable/c/bff827b0d507e52b23efab9f67c232a4f037ab2c
- https://git.kernel.org/stable/c/c60f269c123210a6846d6d1367de0eaa402c10b0
- https://git.kernel.org/stable/c/f197894de2f4ef46c7d53827d9df294b75c35e13
- https://git.kernel.org/stable/c/fdf99978a6480e14405212472b6c747e0fa43bed