VDB
DEBIAN-CVE-2025-40020
DEBIAN-CVE-2025-40020
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 (which is the case for PC CAN FD interfaces supported by this driver). [mkl: update subject, apply manually]
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux | 5.10.197-1, 5.10.237-1, 5.10.226-1 |
| Debian:11 | linux-6.1 | 6.1.106-3~deb11u3, 6.1.106-3~deb11u1, 0 |
| Debian:14 | linux | 6.15.1-1, 6.12.43-1, 6.12.43-1~bpo12+1 |
| Debian:13 | linux | *, 6.12.38-1, 6.12.57-1 |
| Debian:12 | linux | 6.1.106-2, 6.1.99-1, 6.1.98-1 |
Timeline
- Oct 24, 2025 CVE Published
- Apr 28, 2026 CVE Updated