vulnerability

Ubuntu: (Multiple Advisories) (CVE-2025-40172): Linux kernel (OEM) vulnerabilities

Try Surface Command
Back to search
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:C)
Published
Nov 12, 2025
Added
Dec 15, 2025
Modified
Mar 18, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages()

Currently, if find_and_map_user_pages() takes a DMA xfer request from the
user with a length field set to 0, or in a rare case, the host receives
QAIC_TRANS_DMA_XFER_CONT from the device where resources->xferred_dma_size
is equal to the requested transaction size, the function will return 0
before allocating an sgt or setting the fields of the dma_xfer struct.
In that case, encode_addr_size_pairs() will try to access the sgt which
will lead to a general protection fault.

Return an EINVAL in case the user provides a zero-sized ALP, or the device
requests continuation after all of the bytes have been transferred.

Solutions

ubuntu-upgrade-linux-image-6-14-0-1017-oemubuntu-upgrade-linux-image-6-17-0-1006-realtimeubuntu-upgrade-linux-image-6-17-0-1007-awsubuntu-upgrade-linux-image-6-17-0-1007-aws-64kubuntu-upgrade-linux-image-6-17-0-1007-gcpubuntu-upgrade-linux-image-6-17-0-1007-gcp-64kubuntu-upgrade-linux-image-6-17-0-1007-oracleubuntu-upgrade-linux-image-6-17-0-1007-oracle-64kubuntu-upgrade-linux-image-6-17-0-1008-azureubuntu-upgrade-linux-image-6-17-0-1008-raspiubuntu-upgrade-linux-image-6-17-0-14-genericubuntu-upgrade-linux-image-6-17-0-14-generic-64kubuntu-upgrade-linux-image-6-8-0-1035-gkeopubuntu-upgrade-linux-image-6-8-0-1047-oracleubuntu-upgrade-linux-image-6-8-0-1047-oracle-64kubuntu-upgrade-linux-image-6-8-0-1048-gkeubuntu-upgrade-linux-image-6-8-0-1048-gke-64kubuntu-upgrade-linux-image-6-8-0-1049-ibmubuntu-upgrade-linux-image-6-8-0-1049-nvidiaubuntu-upgrade-linux-image-6-8-0-1049-nvidia-64kubuntu-upgrade-linux-image-6-8-0-1049-nvidia-lowlatencyubuntu-upgrade-linux-image-6-8-0-1049-nvidia-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-1050-awsubuntu-upgrade-linux-image-6-8-0-1050-aws-64kubuntu-upgrade-linux-image-6-8-0-1050-aws-fipsubuntu-upgrade-linux-image-6-8-0-1052-gcpubuntu-upgrade-linux-image-6-8-0-1052-gcp-64kubuntu-upgrade-linux-image-6-8-0-1052-gcp-fipsubuntu-upgrade-linux-image-6-8-0-106-fipsubuntu-upgrade-linux-image-6-8-0-106-genericubuntu-upgrade-linux-image-6-8-0-106-generic-64kubuntu-upgrade-linux-image-6-8-0-106-lowlatencyubuntu-upgrade-linux-image-6-8-0-106-lowlatency-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-6-17ubuntu-upgrade-linux-image-aws-6-8ubuntu-upgrade-linux-image-aws-64kubuntu-upgrade-linux-image-aws-64k-6-17ubuntu-upgrade-linux-image-aws-64k-6-8ubuntu-upgrade-linux-image-aws-64k-lts-24-04ubuntu-upgrade-linux-image-aws-fipsubuntu-upgrade-linux-image-aws-fips-6-8ubuntu-upgrade-linux-image-aws-lts-24-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-6-17ubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-fips-6-8ubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-6-17ubuntu-upgrade-linux-image-gcp-6-8ubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-gcp-64k-6-17ubuntu-upgrade-linux-image-gcp-64k-6-8ubuntu-upgrade-linux-image-gcp-64k-lts-24-04ubuntu-upgrade-linux-image-gcp-fipsubuntu-upgrade-linux-image-gcp-fips-6-8ubuntu-upgrade-linux-image-gcp-lts-24-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-6-17ubuntu-upgrade-linux-image-generic-6-8ubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-6-17ubuntu-upgrade-linux-image-generic-64k-6-8ubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-6-8ubuntu-upgrade-linux-image-gke-64kubuntu-upgrade-linux-image-gke-64k-6-8ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-6-8ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-6-8ubuntu-upgrade-linux-image-ibm-classicubuntu-upgrade-linux-image-ibm-lts-24-04ubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-6-8ubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-6-8ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-6-8ubuntu-upgrade-linux-image-nvidia-64kubuntu-upgrade-linux-image-nvidia-64k-6-8ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04ubuntu-upgrade-linux-image-nvidia-hwe-22-04ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-lowlatency-6-8ubuntu-upgrade-linux-image-nvidia-lowlatency-64kubuntu-upgrade-linux-image-nvidia-lowlatency-64k-6-8ubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oem-24-04ubuntu-upgrade-linux-image-oem-24-04aubuntu-upgrade-linux-image-oem-24-04bubuntu-upgrade-linux-image-oem-24-04cubuntu-upgrade-linux-image-oem-6-14ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-6-17ubuntu-upgrade-linux-image-oracle-6-8ubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-64k-6-17ubuntu-upgrade-linux-image-oracle-64k-6-8ubuntu-upgrade-linux-image-oracle-64k-lts-24-04ubuntu-upgrade-linux-image-oracle-lts-24-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-6-17ubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-realtime-6-17ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-6-17ubuntu-upgrade-linux-image-virtual-6-8ubuntu-upgrade-linux-image-virtual-hwe-22-04

References

    Title
    NEW

    Explore Exposure Command

    Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

    Try it today