CVE-2025-40192

Linux Kernel 6.2.0-6.6.112, 6.7.0-6.12.53, 6.13.0-6.17.3 - Denial of Service via IPMI Driver Infinite Loop

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c608966f3f9c2dca596967501d00753282b395fc. This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in a certain way. Apparently certain BMCs do misbehave this way because several reports have come in recently about this.

Scores

EPSS 0.0018
EPSS Percentile 7.9%

Details

Status published
Products (13)
linux/Kernel 6.13.0 - 6.17.4linux
linux/Kernel 6.2.0 - 6.6.113linux
linux/Kernel 6.7.0 - 6.12.54linux
Linux/Linux < 6.2
Linux/Linux 6.12.54 - 6.12.*
Linux/Linux 6.17.4 - 6.17.*
Linux/Linux 6.18
Linux/Linux 6.2
Linux/Linux 6.6.113 - 6.6.*
Linux/Linux c608966f3f9c2dca596967501d00753282b395fc - 5d09ee1bec870263f4ace439402ea840503b503b
... and 3 more
Published Nov 12, 2025
Tracked Since Feb 18, 2026