CVE-2025-40020

🗓️ 24 Oct 2025 12:24:56Reported by LinuxType

CVE-2025-40020 peak_usb fixes shift-out-of-bounds by using a 64-bit constant for 32-bit shifts in CAN FD.

Reporter	Title	Published	Views	Family All 198
AstraLinux	Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15	3 May 202623:59	–	astralinux
CBLMariner	CVE-2025-40020 affecting package kernel for versions less than 6.6.112.1-2	14 Nov 202522:03	–	cbl_mariner
Circl	CVE-2025-40020	24 Oct 202515:19	–	circl
CNNVD	Linux kernel 安全漏洞	24 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-40020 can: peak_usb: fix shift-out-of-bounds issue	24 Oct 202512:24	–	cvelist
Debian	[SECURITY] [DLA 4379-1] linux-6.1 security update	25 Nov 202517:19	–	debian
Debian	[SECURITY] [DLA 4404-1] linux security update	12 Dec 202513:38	–	debian
Debian	[SECURITY] [DSA 6053-1] linux security update	11 Nov 202520:11	–	debian
Debian CVE	CVE-2025-40020	24 Oct 202512:24	–	debiancve
Tenable Nessus	Debian dla-4379 : linux-config-6.1 - security update	25 Nov 202500:00	–	nessus

Vulners

CNA

Node

linux linux_kernelRange3.4–5.4.300

linux linux_kernelRange5.5.0–5.10.245

linux linux_kernelRange5.11.0–5.15.194

linux linux_kernelRange5.16.0–6.1.155

linux linux_kernelRange6.2.0–6.6.109

linux linux_kernelRange6.7.0–6.12.50

linux linux_kernelRange6.13.0–6.16.10

linux linux_kernelRange6.17.0≥

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/can/usb/peak_usb/pcan_usb_core.c"
    ],
    "versions": [
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "572c656802781cc57f4a3231eefa83547e75ed78",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "61b1dd4c614935169d12bdecc26906e37b508618",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "48822a59ecc47d353400d38b1941d3ae7591ffff",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "176c81cbf9c4e348610a421aad800087c0401f60",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "17edec1830e48c0becd61642d0e40bc753243b16",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "eb79ed970670344380e77d62f8188e8015648d94",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "394c58017e5f41043584c345106cae16a4613710",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d",
        "lessThan": "c443be70aaee42c2d1d251e0329e0a69dd96ae54",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/can/usb/peak_usb/pcan_usb_core.c"
    ],
    "versions": [
      {
        "version": "3.4",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "3.4",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.4.300",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.245",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.194",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.155",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.109",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.50",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.16.10",
        "lessThanOrEqual": "6.16.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.17",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/61b1dd4c614935169d12bdecc26906e37b508618
git	www.git.kernel.org/stable/c/eb79ed970670344380e77d62f8188e8015648d94
git	www.git.kernel.org/stable/c/176c81cbf9c4e348610a421aad800087c0401f60
git	www.git.kernel.org/stable/c/394c58017e5f41043584c345106cae16a4613710
git	www.git.kernel.org/stable/c/572c656802781cc57f4a3231eefa83547e75ed78
git	www.git.kernel.org/stable/c/c443be70aaee42c2d1d251e0329e0a69dd96ae54
git	www.git.kernel.org/stable/c/48822a59ecc47d353400d38b1941d3ae7591ffff
git	www.git.kernel.org/stable/c/17edec1830e48c0becd61642d0e40bc753243b16

11 May 2026 21:40Current

6.2Medium risk

Vulners AI Score6.2

EPSS0.00063