AZL-68867

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-68867.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-68867

Upstream

CVE-2025-40056

Published

2025-10-28T12:15:39Z

Modified

2026-04-21T04:38:31.247565Z

Summary

CVE-2025-40056 affecting package kernel for versions less than 6.6.112.1-2

Details

In the Linux kernel, the following vulnerability has been resolved:

vhost: vringh: Fix copytoiter return value check

The return value of copytoiter can't be negative, check whether the copied length is equal to the requested length instead of checking for negative values.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-40056

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.112.1-2

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-68867.json"