CVE-2025-40057

Linux Kernel 5.14-6.12.52, 6.13-6.17.2 - Denial of Service via Large max_vclocks Value

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ptp: Add a upper bound on max_vclocks syzbot reported WARNING in max_vclocks_store. This occurs when the argument max is too large for kcalloc to handle. Extend the guard to guard against values that are too large for kcalloc

Scores

EPSS 0.0019
EPSS Percentile 9.3%

Details

Status published
Products (10)
linux/Kernel 5.14.0 - 6.12.53linux
linux/Kernel 6.13.0 - 6.17.3linux
Linux/Linux < 5.14
Linux/Linux 5.14
Linux/Linux 6.12.53 - 6.12.*
Linux/Linux 6.17.3 - 6.17.*
Linux/Linux 6.18
Linux/Linux 73f37068d540eba5f93ba3a0019bf479d35ebd76 - 35ce5f163889dbce88eda1df661b357a09bbed87
Linux/Linux 73f37068d540eba5f93ba3a0019bf479d35ebd76 - 8dd446056336faa2283d62cefc2f576536845edc
Linux/Linux 73f37068d540eba5f93ba3a0019bf479d35ebd76 - e9f35294e18da82162004a2f35976e7031aaf7f9
Published Oct 28, 2025
Tracked Since Feb 18, 2026