CVE-2025-40300

🗓️ 11 Sep 2025 16:49:24Reported by LinuxType

Linux kernel adds conditional indirect branch barrier after VM exits to protect userspace.

Reporter	Title	Published	Views	Family All 652
IBM Security Bulletins	Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance	23 Apr 202607:29	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance	23 Apr 202610:42	–	ibm
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1210)	30 Sep 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2025-1227)	28 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-105 (ALASKERNEL-5.10-2025-105)	30 Sep 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-091 (ALASKERNEL-5.15-2025-091)	30 Sep 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : kernel (ALSA-2025:19930)	12 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : kernel (ALSA-2025:19931)	19 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : kernel-rt (ALSA-2025:19932)	11 Nov 202500:00	–	nessus
Tenable Nessus	Debian dla-4327 : ata-modules-5.10.0-35-armmp-di - security update	13 Oct 202500:00	–	nessus

NVD

Vulners

CNA

Node

linux linux_kernelRange3.16.57–3.17

linux linux_kernelRange4.4.168–4.5

linux linux_kernelRange4.16–5.10.244

linux linux_kernelRange5.11–5.15.193

linux linux_kernelRange5.16–6.1.152

linux linux_kernelRange6.2–6.6.106

linux linux_kernelRange6.7–6.12.47

linux linux_kernelRange6.13–6.16.7

linux linux_kernelMatch6.17rc1

linux linux_kernelMatch6.17rc2

linux linux_kernelMatch6.17rc3

linux linux_kernelMatch6.17rc4

linux linux_kernelMatch6.17rc5

Node

debian debian_linuxMatch11.0

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/x86/include/asm/cpufeatures.h",
      "arch/x86/include/asm/entry-common.h",
      "arch/x86/include/asm/nospec-branch.h",
      "arch/x86/kernel/cpu/bugs.c",
      "arch/x86/kvm/x86.c"
    ],
    "versions": [
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "ac60717f9a8d21c58617d0b34274babf24135835",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "c08192b5d6730a914dee6175bc71092ee6a65f14",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "d5490dfa35427a2967e00a4c7a1b95fdbc8ede34",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "2f4f2f8f860cb4c3336a7435ebe8dcfded0c9c6e",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "15006289e5c38b2a830e1fba221977a27598176c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "893387c18612bb452336a5881da0d015a7e8f4a2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "f866eef8d1c65504d30923c3f14082ad294d0e6d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "34e5667041050711a947e260fc9ebebe08bddee5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "d7ddc93392e4a7ffcccc86edf6ef3e64c778db52",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "459274c77b37ac63b78c928b4b4e748d1f9d05c8",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "510603f504796c3535f67f55fb0b124a303b44c8",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "9c23a90648e831d611152ac08dbcd1283d405e7f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "15d45071523d89b3fb7372e2135fbd72f6af9506",
        "lessThan": "2f8f173413f1cbf52660d04df92d0069c4306d25",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c51f1e5f57cca88d8d5894b6fad1638f643a99d0",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4b3870c343a82cd2df7192cc5149c87205dcc611",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3.16.57",
        "lessThan": "3.17",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "4.4.168",
        "lessThan": "4.5",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/x86/include/asm/cpufeatures.h",
      "arch/x86/include/asm/entry-common.h",
      "arch/x86/include/asm/nospec-branch.h",
      "arch/x86/kernel/cpu/bugs.c",
      "arch/x86/kvm/x86.c"
    ],
    "versions": [
      {
        "version": "4.16",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.16",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.244",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.193",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.152",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.106",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.47",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.16.7",
        "lessThanOrEqual": "6.16.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.17",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/2f8f173413f1cbf52660d04df92d0069c4306d25
git	www.git.kernel.org/stable/c/893387c18612bb452336a5881da0d015a7e8f4a2
git	www.git.kernel.org/stable/c/34e5667041050711a947e260fc9ebebe08bddee5
git	www.git.kernel.org/stable/c/459274c77b37ac63b78c928b4b4e748d1f9d05c8
git	www.git.kernel.org/stable/c/510603f504796c3535f67f55fb0b124a303b44c8
git	www.git.kernel.org/stable/c/f866eef8d1c65504d30923c3f14082ad294d0e6d
git	www.git.kernel.org/stable/c/ac60717f9a8d21c58617d0b34274babf24135835
git	www.git.kernel.org/stable/c/2f4f2f8f860cb4c3336a7435ebe8dcfded0c9c6e
git	www.git.kernel.org/stable/c/c08192b5d6730a914dee6175bc71092ee6a65f14
git	www.git.kernel.org/stable/c/d5490dfa35427a2967e00a4c7a1b95fdbc8ede34

23 May 2026 16:02Current

6Medium risk

Vulners AI Score6

CVSS 3.15.5

EPSS0.00035