CVE-2025-40359

================================================================== BUG: KASAN: global-out-of-bounds in cmtlatencydata+0x176/0x1b0 Read of size 4 at addr ffffffffb721d000 by task dtlb/9850

Call Trace:

kasanreport+0xb8/0xf0 cmtlatencydata+0x176/0x1b0 setuparchpebssampledata+0xf49/0x2560 intelpmudrainarchpebs+0x577/0xb00 handlepmi_common+0x6c4/0xc80

The issue is caused by below code in _grtlatencydata(). The code tries to access x86hybrid_pmu structure which doesn't exist on non-hybrid platform like CWF.

    WARN_ON_ONCE(hybrid_pmu(event->pmu)->pmu_type == hybrid_big)

So add ishybrid() check before calling this WARNON_ONCE to fix the global-out-of-bounds access issue.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40359.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

090262439f66df03d4e9d0e52e14104b729e2ef8

Fixed

1b61a1da3d8105ea1be548c94c2856697eb7ffd1

Fixed

710a72e81a7028e1ad1a10eb14f941f8dd45ffd3

Fixed

0ba6502ce167fc3d598c08c2cc3b4ed7ca5aa251

Affected versions

v6.*

v6.10

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.1

v6.12.10

v6.12.11

v6.12.12

v6.12.13

v6.12.14

v6.12.15

v6.12.16

v6.12.17

v6.12.18

v6.12.19

v6.12.2

v6.12.20

v6.12.21

v6.12.22

v6.12.23

v6.12.24

v6.12.25

v6.12.26

v6.12.27

v6.12.28

v6.12.29

v6.12.3

v6.12.30

v6.12.31

v6.12.32

v6.12.33

v6.12.34

v6.12.35

v6.12.36

v6.12.37

v6.12.38

v6.12.39

v6.12.4

v6.12.40

v6.12.41

v6.12.42

v6.12.43

v6.12.44

v6.12.45

v6.12.46

v6.12.47

v6.12.48

v6.12.49

v6.12.5

v6.12.50

v6.12.51

v6.12.52

v6.12.53

v6.12.54

v6.12.55

v6.12.56

v6.12.57

v6.12.6

v6.12.7

v6.12.8

v6.12.9

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.16

v6.16-rc1

v6.16-rc2

v6.16-rc3

v6.16-rc4

v6.16-rc5

v6.16-rc6

v6.16-rc7

v6.17

v6.17-rc1

v6.17-rc2

v6.17-rc3

v6.17-rc4

v6.17-rc5

v6.17-rc6

v6.17-rc7

v6.17.1

v6.17.2

v6.17.3

v6.17.4

v6.17.5

v6.17.6

v6.17.7

v6.18-rc1

v6.18-rc2

v6.18-rc3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40359.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.11.0

Fixed

6.12.58

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.8

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-40359.json"