CVE-2025-40202
Linux Kernel 5.19.0-6.1.156, 6.2.0-6.6.112, 6.7.0-6.12.53, 6.13.0-6.17.3 - Use-After-Free in IPMI User Message Handling
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: ipmi: Rework user message limit handling The limit on the number of user messages had a number of issues, improper counting in some cases and a use after free. Restructure how this is all done to handle more in the receive message allocation routine, so all refcouting and user message limit counts are done in that routine. It's a lot cleaner and safer.
References (5)
Core 5
Core References
Scores
EPSS
0.0018
EPSS Percentile
8.1%
Details
Status
published
Products (16)
linux/Kernel
5.19.0 - 6.1.157linux
linux/Kernel
6.13.0 - 6.17.4linux
linux/Kernel
6.2.0 - 6.6.113linux
linux/Kernel
6.7.0 - 6.12.54linux
Linux/Linux
< 5.19
Linux/Linux
5.19
Linux/Linux
6.1.157 - 6.1.*
Linux/Linux
6.12.54 - 6.12.*
Linux/Linux
6.17.4 - 6.17.*
Linux/Linux
6.18
... and 6 more
Published
Nov 12, 2025
Tracked Since
Feb 18, 2026