CVE-2025-40036

In the Linux kernel, the following vulnerability has been resolved:

misc: fastrpc: fix possible map leak in fastrpc_put_args

copy_to_user() failure would cause an early return without cleaning up
the fdlist, which has been updated by the DSP. This could lead to map
leak. Fix this by redirecting to a cleanup path on failure, ensuring
that all mapped buffers are properly released before returning.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
vulnerable
bullseye (security)
vulnerable
bookworm
vulnerable
bookworm (security)
vulnerable
trixie
vulnerable
trixie (security)
vulnerable
forky
vulnerable
sid
vulnerable
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/3ad42dc66445df6977cf4be0c06f1a655299ce6c
https://git.kernel.org/stable/c/78d33a041555db03903e8037fd053ed74fbd88cb
https://git.kernel.org/stable/c/a085658264d0c8d4f795d4631f77d7289a021de9
https://git.kernel.org/stable/c/c000f65f0ac93d9f9cc69a230d372f6ca93e4879
https://git.kernel.org/stable/c/da1ba64176e0138f2bfa96f9e43e8c3640d01e1e