CVE-2025-40264 | Linux Kernel up to 5.4.301/6.6.117/6.12.59/6.17.9 be_insert_vlan_in_pkt wrb_params null pointer dereference

Inserito da Angelo Barbosa | Dic 4, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.4.301/6.6.117/6.12.59/6.17.9. This impacts the function be_insert_vlan_in_pkt. This manipulation of the argument wrb_params causes null pointer dereference.

This vulnerability is handled as CVE-2025-40264. The attack can only be done within the local network. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2025-40264 | Linux Kernel up to 5.4.301/6.6.117/6.12.59/6.17.9 be_insert_vlan_in_pkt wrb_params null pointer dereference

Post correlati

CVE-2022-48791 | Linux Kernel up to 5.10.101/5.15.24/5.16.10 pm8001 mpi_ssp_completion use after free

CVE-2024-34068 | Pterodactyl Wings up to 1.11.11 api.disable_remote_download access control

CVE-2025-9042 | Rockwell Automation FLEX 5000 IO improper validation of specified type of input

CVE-2025-60139 | Joovii Sendle Shipping Plugin up to 6.02 on WordPress cross-site request forgery