What is CVE-2025-40262?

CVE-2025-40262 is a unscored severity Linux kernel vulnerability. CVE-2025-40262 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2025-40262?

CVE-2025-40262 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2025-40262?

No patch is currently available for CVE-2025-40262. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2025-40262 actively exploited?

CVE-2025-40262 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2025-40262

In the Linux kernel, the following vulnerability has been resolved: Input: imx_sc_key - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an address in the stack and so it will lead to memory corruption when the imx_sc_key_action() function is called. Remove the &.

Package Linux Kernel

Published 2025-12-04

Last modified 2026-06-02

Patch available

Awaiting data

References

The following references provide additional information about CVE-2025-40262 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Cert-Portal
https://cert-portal.siemens.com/productcert/html/ssa-253495.html
Kernel patch commit
https://git.kernel.org/stable/c/3e96803b169dc948847f0fc2bae729a80914eb7b
Patch
Kernel patch commit
https://git.kernel.org/stable/c/4ce5218b101205b3425099fe3df88a61b58f9cc2
Patch
Kernel patch commit
https://git.kernel.org/stable/c/56881294915a6e866d31a46f9bcb5e19167cfbaa
Patch

7 patch commits total View all on NVD