CVE-2025-40035

Linux Kernel - Information Disclosure via Uninitialized uinput_ff_upload_compat Structure

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Struct ff_effect_compat is embedded twice inside uinput_ff_upload_compat, contains internal padding. In particular, there is a hole after struct ff_replay to satisfy alignment requirements for the following union member. Without clearing the structure, copy_to_user() may leak stack data to userspace. Initialize ff_up_compat to zero before filling valid fields.

Scores

EPSS 0.0021
EPSS Percentile 11.4%

Details

Status published
Products (25)
linux/Kernel 2.6.29 - 5.4.301linux
linux/Kernel 5.11.0 - 5.15.195linux
linux/Kernel 5.16.0 - 6.1.156linux
linux/Kernel 5.5.0 - 5.10.246linux
linux/Kernel 6.13.0 - 6.17.3linux
linux/Kernel 6.2.0 - 6.6.112linux
linux/Kernel 6.7.0 - 6.12.53linux
Linux/Linux < 2.6.29
Linux/Linux 2.6.29
Linux/Linux 2d56f3a32c0e62f99c043d2579840f9731fe5855 - 1b317796013f666ae5040edbf0f230ec61496d42
... and 15 more
Published Oct 28, 2025
Tracked Since Feb 18, 2026