Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-40081

Опубликовано: 28 окт. 2025
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB).

Отчет

The patch fixes an integer overflow in the PERF_IDX2OFF() macro used by ARM SPE perf events. When nr_pages exceeded 2 GiB worth of buffer pages, (buf->nr_pages << PAGE_SHIFT) could overflow due to nr_pages being int. This caused incorrect buffer offsets or wraparounds during AUX trace handling, potentially corrupting trace data or causing a kernel crash. Exploitation requires local privileged access to configure large perf AUX buffers.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelFix deferred
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise Linux 9kernelFix deferred
Red Hat Enterprise Linux 9kernel-rtFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=2406743kernel: perf: arm_spe: Prevent overflow in PERF_IDX2OFF()

EPSS

Процентиль: 21%
0.00068
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-40081

ubuntu
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB).

nvd логотип

CVE-2025-40081

nvd
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB).

msrc логотип

CVE-2025-40081

CVSS3: 7.1
msrc
5 месяцев назад

perf: arm_spe: Prevent overflow in PERF_IDX2OFF()

debian логотип

CVE-2025-40081

debian
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: p ...

github логотип

GHSA-8pxq-vpq2-2xjv

github
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB).

EPSS

Процентиль: 21%
0.00068
Низкий

4.4 Medium

CVSS3