CVE-2025-40117

Published: Nov 12, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl() Commit eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case") added NO_BAR (-1) to the pci_barno enum which, in practical terms, changes the enum from an unsigned int to a signed int. If the user passes a negative number in pci_endpoint_test_ioctl() then it results in an array underflow in pci_endpoint_test_bar().

Vendor	Product	Versions
Linux	Linux	affected `eefb83790a0dda112d1755e4f5e213738d717e76 - < 6df3687922570f753574c40b35e83b26b32292d0` affected `eefb83790a0dda112d1755e4f5e213738d717e76 - < 1ad82f9db13d85667366044acdfb02009d576c5a`
Linux	Linux	affected `6.17` unaffected `0 - < 6.17` unaffected `6.17.3 - <= 6.17.` unaffected `6.18 - <= `

References

https://git.kernel.org/stable/c/6df3687922570f753574c40b35e83b26b32292d0

https://git.kernel.org/stable/c/1ad82f9db13d85667366044acdfb02009d576c5a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40117

Description

Affected Products

References