QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-40253

Back to search

CVE-2025-40253

Published: Dec 4, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fix double-kfree The function 'mpc_rcvd_sweep_req(mpcginfo)' is called conditionally from function 'ctcmpc_unpack_skb'. It frees passed mpcginfo. After that a call to function 'kfree' in function 'ctcmpc_unpack_skb' frees it again. Remove 'kfree' call in function 'mpc_rcvd_sweep_req(mpcginfo)'. Bug detected by the clang static analyzer.

VendorProductVersions

Linux

Linux

affected
467ddbbe7e749d558f13e640f50f546149c930b3 - < 06f1dd1de0d33dbfbd2e1fc9fc57d8895f730de2
affected
4d3c6d741816539b57fa1110c3f765a8c176d7b4 - < 6bf8ccaabce8cebb6cb1f255c93d0acdfe95c17a
affected
2bd57101c3ecf3f8c0da1d26c2b6ad511adc6d50 - < 7616e2eee679746d526c7f5befd4eedb995935b5
affected
0c0b20587b9f25a2ad14db7f80ebe49bdf29920a - < 43096dab8cc60fc39133205fd149a54d3acebea8
affected
0c0b20587b9f25a2ad14db7f80ebe49bdf29920a - < 3b177b2ded563df16f6d5920671ffcfe5915d472

+14 more versions

Linux

Linux

affected
5.18
unaffected
0 - < 5.18
unaffected
5.4.302 - <= 5.4.*
unaffected
5.10.247 - <= 5.10.*
unaffected
5.15.197 - <= 5.15.*

+5 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now