CVE-2025-40117
Linux Kernel 6.17-6.17.2 - Array Underflow in pci_endpoint_test_bar via Negative pci_barno
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl() Commit eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case") added NO_BAR (-1) to the pci_barno enum which, in practical terms, changes the enum from an unsigned int to a signed int. If the user passes a negative number in pci_endpoint_test_ioctl() then it results in an array underflow in pci_endpoint_test_bar().
References (2)
Core 2
Scores
EPSS
0.0018
EPSS Percentile
7.8%
Details
Status
published
Products (7)
linux/Kernel
6.17.0 - 6.17.3linux
Linux/Linux
< 6.17
Linux/Linux
6.17
Linux/Linux
6.17.3 - 6.17.*
Linux/Linux
6.18
Linux/Linux
eefb83790a0dda112d1755e4f5e213738d717e76 - 1ad82f9db13d85667366044acdfb02009d576c5a
Linux/Linux
eefb83790a0dda112d1755e4f5e213738d717e76 - 6df3687922570f753574c40b35e83b26b32292d0
Published
Nov 12, 2025
Tracked Since
Feb 18, 2026