CVE-2025-40118 | Linux Kernel up to 6.17.2 scsi pm8001_sas.c phy_attached array index

A vulnerability classified as critical was found in Linux Kernel up to 6.17.2. Affected by this vulnerability is the function phy_attached of the file drivers/scsi/pm8001/pm8001_sas.c of the component scsi. The manipulation results in improper validation of array index.

This vulnerability was named CVE-2025-40118. The attack needs to be approached within the local network. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More