CVE-2025-40071

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

28/10/2025

Last modified:

30/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don&#39;t block input queue by waiting MSC Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls gsm_modem_update(). If basic mode is used it calls gsm_modem_upd_via_msc() and it cannot block the input queue by waiting the response to come into the same input queue. Instead allow sending Modem Status Command without waiting for remote end to respond. Define a new function gsm_modem_send_initial_msc() for this purpose. As MSC is only valid for basic encoding, it does not do anything for advanced or when convergence layer type 2 is used.

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/3cf0b3c243e56bc43be560617416c1d9f301f44c
https://git.kernel.org/stable/c/5416e89b81b00443cb03c88df8da097ae091a141
https://git.kernel.org/stable/c/c36785f9de03df56ff9b8eca30fa681a12b2310d
https://git.kernel.org/stable/c/c5a2791a7f11939f05f95c01f0aec0c55bbf28d5