Security Advisory

CVE-2025-40253

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 16:08:15
Last updated 2026-05-23 16:01:48
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved:

s390/ctcm: Fix double-kfree

The function mpc_rcvd_sweep_req(mpcginfo) is called conditionally from function ctcmpc_unpack_skb. It frees passed mpcginfo. After that a call to function kfree in function ctcmpc_unpack_skb frees it again.

Remove kfree call in function mpc_rcvd_sweep_req(mpcginfo).

Bug detected by the clang static analyzer.
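
A userspace model of the ownership bug described above, added here as an illustration and not taken from the ctcm driver or its patch. The names `sweep_req_frees`, `sweep_req_borrows`, `unpack` and the slot allocator are hypothetical, and the caller releasing the object unconditionally is an assumption.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model with hypothetical names; not the ctcm driver source. */
struct info { int sweep_req; };

#define POOL_SLOTS 4
static struct info pool[POOL_SLOTS];
static int in_use[POOL_SLOTS];
static int double_frees;

/* Slot allocator standing in for kmalloc/kfree, so that a second free is
 * counted instead of corrupting a real heap. */
static struct info *model_alloc(void) {
    for (int i = 0; i < POOL_SLOTS; i++)
        if (!in_use[i]) { in_use[i] = 1; return &pool[i]; }
    return NULL;
}

static void model_free(struct info *p) {
    ptrdiff_t slot = p - pool;
    if (in_use[slot]) in_use[slot] = 0;
    else double_frees++;            /* object was already released */
}

/* Handler as described before the fix: releases the object it is handed. */
static void sweep_req_frees(struct info *p) { model_free(p); }
/* Handler after the fix: only borrows the object; the caller releases it. */
static void sweep_req_borrows(struct info *p) { (void)p; }

/* Caller: dispatches conditionally, then releases the object (assumed
 * unconditional here). Returns the number of double frees observed. */
static int unpack(int sweep_req, void (*handler)(struct info *)) {
    struct info *p = model_alloc();
    if (!p) return -1;
    double_frees = 0;
    p->sweep_req = sweep_req;
    if (p->sweep_req) handler(p);   /* conditional call, as in the report */
    model_free(p);                  /* single owner releases exactly once */
    return double_frees;
}

int main(void) {
    printf("freeing handler, sweep request: %d\n", unpack(1, sweep_req_frees));
    printf("freeing handler, other message: %d\n", unpack(0, sweep_req_frees));
    printf("borrowing handler, sweep request: %d\n", unpack(1, sweep_req_borrows));
    return 0;
}
```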