CVE-2025-40020

Linux Kernel Shift-Out-of-Bounds in PC CAN FD Interface

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 (which is the case for PC CAN FD interfaces supported by this driver). [mkl: update subject, apply manually]

Scores

EPSS 0.0019
EPSS Percentile 9.1%

Details

Status published
Products (25)
linux/Kernel 3.4.0 - 5.4.300linux
linux/Kernel 5.11.0 - 5.15.194linux
linux/Kernel 5.16.0 - 6.1.155linux
linux/Kernel 5.5.0 - 5.10.245linux
linux/Kernel 6.13.0 - 6.16.10linux
linux/Kernel 6.2.0 - 6.6.109linux
linux/Kernel 6.7.0 - 6.12.50linux
Linux/Linux < 3.4
Linux/Linux 3.4
Linux/Linux 5.10.245 - 5.10.*
... and 15 more
Published Oct 24, 2025
Tracked Since Feb 18, 2026