{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-40253","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.181Z","datePublished":"2025-12-04T16:08:15.340Z","dateUpdated":"2026-05-11T21:45:45.316Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:45:45.316Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ctcm: Fix double-kfree\n\nThe function 'mpc_rcvd_sweep_req(mpcginfo)' is called conditionally\nfrom function 'ctcmpc_unpack_skb'. It frees passed mpcginfo.\nAfter that a call to function 'kfree' in function 'ctcmpc_unpack_skb'\nfrees it again.\n\nRemove 'kfree' call in function 'mpc_rcvd_sweep_req(mpcginfo)'.\n\nBug detected by the clang static analyzer."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/s390/net/ctcm_mpc.c"],"versions":[{"version":"467ddbbe7e749d558f13e640f50f546149c930b3","lessThan":"06f1dd1de0d33dbfbd2e1fc9fc57d8895f730de2","status":"affected","versionType":"git"},{"version":"4d3c6d741816539b57fa1110c3f765a8c176d7b4","lessThan":"6bf8ccaabce8cebb6cb1f255c93d0acdfe95c17a","status":"affected","versionType":"git"},{"version":"2bd57101c3ecf3f8c0da1d26c2b6ad511adc6d50","lessThan":"7616e2eee679746d526c7f5befd4eedb995935b5","status":"affected","versionType":"git"},{"version":"0c0b20587b9f25a2ad14db7f80ebe49bdf29920a","lessThan":"43096dab8cc60fc39133205fd149a54d3acebea8","status":"affected","versionType":"git"},{"version":"0c0b20587b9f25a2ad14db7f80ebe49bdf29920a","lessThan":"3b177b2ded563df16f6d5920671ffcfe5915d472","status":"affected","versionType":"git"},{"version":"0c0b20587b9f25a2ad14db7f80ebe49bdf29920a","lessThan":"b9dbfb1b5699f9f1e4991f96741bdf9047147589","status":"affected","versionType":"git"},{"version":"0c0b20587b9f25a2ad14db7f80ebe49bdf29920a","lessThan":"7ff76f8dc6b550f8d16487bf3cebc278be720b5c","status":"affected","versionType":"git"},{"version":"0c0b20587b9f25a2ad14db7f80ebe49bdf29920a","lessThan":"da02a1824884d6c84c5e5b5ac373b0c9e3288ec2","status":"affected","versionType":"git"},{"version":"36933de59f67029e5739a98393891f9b94f27e0f","status":"affected","versionType":"git"},{"version":"d886b4292a1c5b4facdb2dfdc31f0fecc71df898","status":"affected","versionType":"git"},{"version":"4c9ba0fed125deba8416b995b0c274b0804c0c24","status":"affected","versionType":"git"},{"version":"ea0053af5dab4d63a9c44563973fb2f3bfd9eb2b","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/s390/net/ctcm_mpc.c"],"versions":[{"version":"5.18","status":"affected"},{"version":"0","lessThan":"5.18","status":"unaffected","versionType":"semver"},{"version":"5.4.302","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.247","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.197","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.159","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.118","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.60","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.17.10","lessThanOrEqual":"6.17.*","status":"unaffected","versionType":"semver"},{"version":"6.18","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.195","versionEndExcluding":"5.4.302"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.117","versionEndExcluding":"5.10.247"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.41","versionEndExcluding":"5.15.197"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.1.159"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.6.118"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.12.60"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.17.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"6.18"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.315"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.280"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.244"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/06f1dd1de0d33dbfbd2e1fc9fc57d8895f730de2"},{"url":"https://git.kernel.org/stable/c/6bf8ccaabce8cebb6cb1f255c93d0acdfe95c17a"},{"url":"https://git.kernel.org/stable/c/7616e2eee679746d526c7f5befd4eedb995935b5"},{"url":"https://git.kernel.org/stable/c/43096dab8cc60fc39133205fd149a54d3acebea8"},{"url":"https://git.kernel.org/stable/c/3b177b2ded563df16f6d5920671ffcfe5915d472"},{"url":"https://git.kernel.org/stable/c/b9dbfb1b5699f9f1e4991f96741bdf9047147589"},{"url":"https://git.kernel.org/stable/c/7ff76f8dc6b550f8d16487bf3cebc278be720b5c"},{"url":"https://git.kernel.org/stable/c/da02a1824884d6c84c5e5b5ac373b0c9e3288ec2"}],"title":"s390/ctcm: Fix double-kfree","x_generator":{"engine":"bippy-1.2.0"}}}}