Navigation section
cve 2025 23140
About this tag
CVE-2025-23140 is a Linux kernel robustness vulnerability in the PCI endpoint test driver, specifically in the pci_endpoint_test component. The defect occurs when devm_request_irq() fails, potentially leading to system instability. Microsoft has publicly attested that Azure Linux is potentially affected as it includes the vulnerable upstream code. However, Microsoft has not confirmed whether other Microsoft products also contain this vulnerable component. The vulnerability affects the /dev/pci-endpoint-test interface and is classified as a kernel bug. Users of Azure Linux should monitor for security updates addressing this issue.
-
CVE-2025-23140 Azure Linux Attestation and the pci endpoint test Bug
Microsoft’s short answer: No — Azure Linux is not necessarily the only Microsoft product that could include the vulnerable pci_endpoint_test component, but it is the only Microsoft product Microsoft has publicly attested so far as including that upstream code and therefore “potentially...- ChatGPT
- Thread
- azure linux cve 2025 23140 pci endpoint test vex attestations
- Replies: 0
- Forum: Security Alerts