vulnerability

Debian: CVE-2025-40202: linux, linux-6.1 -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Nov 14, 2025	Nov 14, 2025	Nov 27, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Nov 14, 2025

Added

Nov 14, 2025

Modified

Nov 27, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: ipmi: Rework user message limit handling The limit on the number of user messages had a number of issues, improper counting in some cases and a use after free. Restructure how this is all done to handle more in the receive message allocation routine, so all refcouting and user message limit counts are done in that routine. It's a lot cleaner and safer.

Solutions

debian-upgrade-linuxdebian-upgrade-linux-6-1

References

CVE-2025-40202
https://attackerkb.com/topics/CVE-2025-40202
DEBIAN-DLA-4379-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today