{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-40112","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.167Z","datePublished":"2025-11-12T10:23:16.690Z","dateUpdated":"2026-05-11T21:42:52.940Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:42:52.940Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsparc: fix accurate exception reporting in copy_{from_to}_user for Niagara\n\nThe referenced commit introduced exception handlers on user-space memory\nreferences in copy_from_user and copy_to_user. These handlers return from\nthe respective function and calculate the remaining bytes left to copy\nusing the current register contents. This commit fixes a couple of bad\ncalculations and a broken epilogue in the exception handlers. This will\nprevent crashes and ensure correct return values of copy_from_user and\ncopy_to_user in the faulting case. The behaviour of memcpy stays unchanged."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/sparc/lib/NGmemcpy.S"],"versions":[{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"05440320ea3e249d5f984918f2bf51210c1a7c03","status":"affected","versionType":"git"},{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"7823fc4d8ab5e57f8db7806ff2530c03c166c4bb","status":"affected","versionType":"git"},{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"37547d8e6eba87507279ee3dfddfd9dc46335454","status":"affected","versionType":"git"},{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"a365ee556e45f780ee322b349a06efdad0c1458f","status":"affected","versionType":"git"},{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"8cdeb5e482d3fdce7e825444b6ca3865e24c0228","status":"affected","versionType":"git"},{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"a90ce516a73dbe087f9bf3dbf311301a58d125c6","status":"affected","versionType":"git"},{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"088c5098ec6d6b0396edfbf3dad3e81de8469c1c","status":"affected","versionType":"git"},{"version":"7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e","lessThan":"0b67c8fc10b13a9090340c5f8a37d308f4e1571c","status":"affected","versionType":"git"},{"version":"bfc8be6593097cb074d3912ba2f27565cfbb7d6e","status":"affected","versionType":"git"},{"version":"a15859f9d8396cce7c55ccdb7e75f70f14cbc349","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/sparc/lib/NGmemcpy.S"],"versions":[{"version":"4.9","status":"affected"},{"version":"0","lessThan":"4.9","status":"unaffected","versionType":"semver"},{"version":"5.4.301","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.246","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.195","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.156","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.112","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.53","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.17.3","lessThanOrEqual":"6.17.*","status":"unaffected","versionType":"semver"},{"version":"6.18","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"5.4.301"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"5.10.246"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"5.15.195"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"6.1.156"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"6.6.112"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"6.12.53"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"6.17.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"6.18"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.8.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/05440320ea3e249d5f984918f2bf51210c1a7c03"},{"url":"https://git.kernel.org/stable/c/7823fc4d8ab5e57f8db7806ff2530c03c166c4bb"},{"url":"https://git.kernel.org/stable/c/37547d8e6eba87507279ee3dfddfd9dc46335454"},{"url":"https://git.kernel.org/stable/c/a365ee556e45f780ee322b349a06efdad0c1458f"},{"url":"https://git.kernel.org/stable/c/8cdeb5e482d3fdce7e825444b6ca3865e24c0228"},{"url":"https://git.kernel.org/stable/c/a90ce516a73dbe087f9bf3dbf311301a58d125c6"},{"url":"https://git.kernel.org/stable/c/088c5098ec6d6b0396edfbf3dad3e81de8469c1c"},{"url":"https://git.kernel.org/stable/c/0b67c8fc10b13a9090340c5f8a37d308f4e1571c"}],"title":"sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara","x_generator":{"engine":"bippy-1.2.0"}}}}