CVE-2025-40264
Published: Dec 4, 2025
Modified: Jun 2, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pkt_to_bmc() call site. This may lead to dereferencing a NULL pointer when processing a workaround for specific packet, as commit bc0c3405abbb ("be2net: fix a Tx stall bug caused by a specific ipv6 packet") states. The correct way would be to pass the wrb_params from be_xmit().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 760c295e0e8d982917d004c9095cff61c0cbd803 - < 48d59b60dd5d7e4c48c077a2008c9dcd7b59bdfeaffected 760c295e0e8d982917d004c9095cff61c0cbd803 - < f499dfa5c98e92e72dd454eb95a1000a448f3405affected 760c295e0e8d982917d004c9095cff61c0cbd803 - < 630360c6724e27f1aa494ba3fffe1e38c4205284affected 760c295e0e8d982917d004c9095cff61c0cbd803 - < 012ee5882b1830db469194466a210768ed207388affected 760c295e0e8d982917d004c9095cff61c0cbd803 - < ce0a3699244aca3acb659f143c9cb1327b210f89+3 more versions |
Linux | Linux | affected 4.2unaffected 0 - < 4.2unaffected 5.4.302 - <= 5.4.*unaffected 5.10.247 - <= 5.10.*unaffected 5.15.197 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now