Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-40244
CVE-2025-40244
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() The syzbot reported issue in __hfsplus_ext_cache_extent(): [ 70.194323][ T9350] BUG: KMSAN: uninit-value in __hfsplus_ext_cache_extent+0x7d0/0x990 [ 70.195022][ T9350] __hfsplus_ext_cache_extent+0x7d0/0x990 [ 70.195530][ T9350] hfsplus_file_extend+0x74f/0x1cf0 [ 70.195998][ T9350] hfsplus_get_block+0xe16/0x17b0 [ 70.196458][ T9350] __block_write_begin_int+0x962/0x2ce0 [ 70.196959][ T9350] cont_write_begin+0x1000/0x1950 [ 70.197416][ T9350] hfsplus_write_begin+0x85/0x130 [ 70.197873][ T9350] generic_perform_write+0x3e8/0x1060 [ 70.198374][ T9350] __generic_file_write_iter+0x215/0x460 [ 70.198892][ T9350] generic_file_write_iter+0x109/0x5e0 [ 70.199393][ T9350] vfs_write+0xb0f/0x14e0 [ 70.199771][ T9350] ksys_write+0x23e/0x490 [ 70.200149][ T9350] __x64_sys_write+0x97/0xf0 [ 70.200570][ T9350] x64_sys_call+0x3015/0x3cf0 [ 70.201065][ T9350] do_syscall_64+0xd9/0x1d0 [ 70.201506][ T9350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.202054][ T9350] [ 70.202279][ T9350] Uninit was created at: [ 70.202693][ T9350] __kmalloc_noprof+0x621/0xf80 [ 70.203149][ T9350] hfsplus_find_init+0x8d/0x1d0 [ 70.203602][ T9350] hfsplus_file_extend+0x6ca/0x1cf0 [ 70.204087][ T9350] hfsplus_get_block+0xe16/0x17b0 [ 70.204561][ T9350] __block_write_begin_int+0x962/0x2ce0 [ 70.205074][ T9350] cont_write_begin+0x1000/0x1950 [ 70.205547][ T9350] hfsplus_write_begin+0x85/0x130 [ 70.206017][ T9350] generic_perform_write+0x3e8/0x1060 [ 70.206519][ T9350] __generic_file_write_iter+0x215/0x460 [ 70.207042][ T9350] generic_file_write_iter+0x109/0x5e0 [ 70.207552][ T9350] vfs_write+0xb0f/0x14e0 [ 70.207961][ T9350] ksys_write+0x23e/0x490 [ 70.208375][ T9350] __x64_sys_write+0x97/0xf0 [ 70.208810][ T9350] x64_sys_call+0x3015/0x3cf0 [ 70.209255][ T9350] do_syscall_64+0xd9/0x1d0 [ 70.209680][ T9350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.210230][ T9350] [ 70.210454][ T9350] CPU: 2 UID: 0 PID: 9350 Comm: repro Not tainted 6.12.0-rc5 #5 [ 70.211174][ T9350] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 70.212115][ T9350] ===================================================== [ 70.212734][ T9350] Disabling lock debugging due to kernel taint [ 70.213284][ T9350] Kernel panic - not syncing: kmsan.panic set ... [ 70.213858][ T9350] CPU: 2 UID: 0 PID: 9350 Comm: repro Tainted: G B 6.12.0-rc5 #5 [ 70.214679][ T9350] Tainted: [B]=BAD_PAGE [ 70.215057][ T9350] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 70.215999][ T9350] Call Trace: [ 70.216309][ T9350] <TASK> [ 70.216585][ T9350] dump_stack_lvl+0x1fd/0x2b0 [ 70.217025][ T9350] dump_stack+0x1e/0x30 [ 70.217421][ T9350] panic+0x502/0xca0 [ 70.217803][ T9350] ? kmsan_get_metadata+0x13e/0x1c0 [ 70.218294][ Message fromT sy9350] kmsan_report+0x296/slogd@syzkaller 0x2aat Aug 18 22:11:058 ... kernel :[ 70.213284][ T9350] Kernel panic - not syncing: kmsan.panic [ 70.220179][ T9350] ? kmsan_get_metadata+0x13e/0x1c0 set ... [ 70.221254][ T9350] ? __msan_warning+0x96/0x120 [ 70.222066][ T9350] ? __hfsplus_ext_cache_extent+0x7d0/0x990 [ 70.223023][ T9350] ? hfsplus_file_extend+0x74f/0x1cf0 [ 70.224120][ T9350] ? hfsplus_get_block+0xe16/0x17b0 [ 70.224946][ T9350] ? __block_write_begin_int+0x962/0x2ce0 [ 70.225756][ T9350] ? cont_write_begin+0x1000/0x1950 [ 70.226337][ T9350] ? hfsplus_write_begin+0x85/0x130 [ 70.226852][ T9350] ? generic_perform_write+0x3e8/0x1060 [ 70.227405][ T9350] ? __generic_file_write_iter+0x215/0x460 [ 70.227979][ T9350] ? generic_file_write_iter+0x109/0x5e0 [ 70.228540][ T9350] ? vfs_write+0xb0f/0x14e0 [ 70.228997][ T9350] ? ksys_write+0x23e/0x490 ---truncated---
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Published Dec 9, 2025
https://lore.kernel.org/linux-cve-announce/2025120404-CVE-2025-40244-941b@gregkh/
CVSS Score
High
7.0
Ecosystem
Package
Version
Ecosystem
Package
Version
rpm
kernel
2.6.32-131.0.15.el6
rpm
kernel
2.6.32-131.12.1.el6
rpm
kernel
2.6.32-131.17.1.el6
rpm
kernel
2.6.32-131.2.1.el6
rpm
kernel
2.6.32-131.21.1.el6
rpm
kernel
2.6.32-131.4.1.el6
rpm
kernel
2.6.32-131.6.1.el6
rpm
kernel
2.6.32-220.13.1.el6
rpm
kernel
2.6.32-220.17.1.el6
rpm
kernel
2.6.32-220.2.1.el6
rpm
kernel
2.6.32-220.23.1.el6
rpm
kernel
2.6.32-220.4.1.el6
rpm
kernel
2.6.32-220.4.2.el6
rpm
kernel
2.6.32-220.7.1.el6
rpm
kernel
2.6.32-220.el6
rpm
kernel
2.6.32-279.1.1.el6
rpm
kernel
2.6.32-279.11.1.el6
rpm
kernel
2.6.32-279.14.1.el6
rpm
kernel
2.6.32-279.19.1.el6
rpm
kernel
2.6.32-279.2.1.el6
rpm
kernel
2.6.32-279.22.1.el6
rpm
kernel
2.6.32-279.5.1.el6
rpm
kernel
2.6.32-279.5.2.el6
rpm
kernel
2.6.32-279.9.1.el6
rpm
kernel
2.6.32-279.el6
rpm
kernel
2.6.32-358.0.1.el6
rpm
kernel
2.6.32-358.11.1.el6
rpm
kernel
2.6.32-358.14.1.el6
rpm
kernel
2.6.32-358.18.1.el6
rpm
kernel
2.6.32-358.2.1.el6
rpm
kernel
2.6.32-358.23.2.el6
rpm
kernel
2.6.32-358.6.1.el6
rpm
kernel
2.6.32-358.6.2.el6
rpm
kernel
2.6.32-358.el6
rpm
kernel
2.6.32-431.1.2.el6
rpm
kernel
2.6.32-431.11.2.el6
rpm
kernel
2.6.32-431.17.1.el6
rpm
kernel
2.6.32-431.20.3.el6
rpm
kernel
2.6.32-431.20.5.el6
rpm
kernel
2.6.32-431.23.3.el6
rpm
kernel
2.6.32-431.29.2.el6
rpm
kernel
2.6.32-431.3.1.el6
rpm
kernel
2.6.32-431.5.1.el6
rpm
kernel
2.6.32-431.el6
rpm
kernel
2.6.32-504.1.3.el6
rpm
kernel
2.6.32-504.12.2.el6
rpm
kernel
2.6.32-504.16.2.el6
rpm
kernel
2.6.32-504.23.4.el6
rpm
kernel
2.6.32-504.3.3.el6
rpm
kernel
2.6.32-504.30.3.el6
1-50 of 723
CVE-2025-40244 | Components Impacted | Sonatype Guide | Sonatype Guide
