CVE-2025-40062
CVE-2025-40062 is a security vulnerability that is still awaiting full analysis and scoring. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- EPSS exploit prediction: 0% (8th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-36466
- Published:
- Last modified:
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs When the initialization of qm->debug.acc_diff_reg fails, the probe process does not exit. However, after qm->debug.qm_diff_regs is freed, it is not set to NULL. This can lead to a double free when the remove process attempts to free it again. Therefore, qm->debug.qm_diff_regs should be set to NULL after it is freed.
Frequently asked questions
- What is CVE-2025-40062?
- In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs When the initialization of qm->debug.acc_diff_reg fails, the probe process does not exit. However, after qm->debug.qm_diff_regs is freed, it is not set to NULL. This can lead to a double free when the remove process attempts to free it again. Therefore, qm->debug.qm_diff_regs should be set to NULL after it is freed.
- Is CVE-2025-40062 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (8th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2025-40062?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2025-40062 have an EU (EUVD) identifier?
- Yes. CVE-2025-40062 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-36466.
- When was CVE-2025-40062 published?
- CVE-2025-40062 was published on 2025-10-28 and last updated on 2026-06-17.
References
- https://git.kernel.org/stable/c/1750f1ec143ebabdbdfa013668665c9d5042c430
- https://git.kernel.org/stable/c/7226a0650ad5705bd8d39a11be270fa21ed1e6a5
- https://git.kernel.org/stable/c/a7836260d5121949ba734e840d42a86ab4a32fcc
- https://git.kernel.org/stable/c/a87a21a56244b8f4eb357f6bad879247005bbe38
- https://git.kernel.org/stable/c/f0cafb02de883b3b413d34eb079c9680782a9cc1