CVE-2025-40262

Dec. 6, 2025, 10:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: Input: imx_sc_key - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an address in the stack and so it will lead to memory corruption when the imx_sc_key_action() function is called. Remove the &.

Product(s) Impacted

Product Versions
kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/3e96803b169dc948847f0fc2bae729a80914eb7b
https://git.kernel.org/stable/c/4ce5218b101205b3425099fe3df88a61b58f9cc2
https://git.kernel.org/stable/c/56881294915a6e866d31a46f9bcb5e19167cfbaa
https://git.kernel.org/stable/c/6524a15d33951b18ac408ebbcb9c16e14e21c336
https://git.kernel.org/stable/c/a155292c3ce722036014da5477ee0e4c87b5e6b3
https://git.kernel.org/stable/c/ca9a08de9b294422376f47ade323d69590dbc6f2
https://git.kernel.org/stable/c/d83f1512758f4ef6fc5e83219fe7eeeb6b428ea4

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-04
CVE-2025-40262

Timeline

Published: Dec. 4, 2025, 4:16 p.m.
Last Modified: Dec. 6, 2025, 10:15 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.