CVE-2025-40126
Published: November 14, 2025Last modified: November 14, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copy_from_user and copy_to_user. These handlers return from the respective function and calculate the remaining bytes left to copy using the current register contents. This commit fixes a couple of bad calculations. This will fix the return value of copy_from_user and copy_to_user in the faulting case. The behaviour of memcpy stays unchanged.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.156-r0) |
| 25 LTS | linux-lts | Fixed (6.12.53-r0) | |
| Stream | linux-lts | Fixed (6.12.53-r0) |
References
- https://git.kernel.org/stable/c/0bf3dc3a2156f1c5ddaba4b85d09767874634114
- https://git.kernel.org/stable/c/41c18baee66134e6ef786eb075c1b6adb22432b0
- https://git.kernel.org/stable/c/4fba1713001195e59cfc001ff1f2837dab877efb
- https://git.kernel.org/stable/c/57c278500fce3cd4e1c540700c0b05426a958393
- https://git.kernel.org/stable/c/59424dc0d0e044b2eb007686a4724ddd91d57db5
- https://git.kernel.org/stable/c/674ff598148a28bae0b5372339de56f2abf0b1d1
- https://git.kernel.org/stable/c/7de3a75bbc8465d816336c74d50109e73501efab
- https://git.kernel.org/stable/c/9b137f277cc3297044aabd950f589e505d30104c