Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don't block input queue by waiting MSC Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls gsm_modem_update(). If basic mode is used it calls gsm_modem_upd_via_msc() and it cannot block the input queue by waiting the response to come into the same input queue. Instead allow sending Modem Status Command without waiting for remote end to respond. Define a new function gsm_modem_send_initial_msc() for this purpose. As MSC is only valid for basic encoding, it does not do anything for advanced or when convergence layer type 2 is used.
References
- https://git.kernel.org/stable/c/3cf0b3c243e56bc43be560617416c1d9f301f44c
- https://git.kernel.org/stable/c/5416e89b81b00443cb03c88df8da097ae091a141
- https://git.kernel.org/stable/c/c36785f9de03df56ff9b8eca30fa681a12b2310d
- https://git.kernel.org/stable/c/c5a2791a7f11939f05f95c01f0aec0c55bbf28d5
FAQ
What is CVE-2025-40071?
CVE-2025-40071 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don't block input queue by waiting MSC Currently gsm_queue() processes incoming frames and when opening a DLC channel ...
How severe is CVE-2025-40071?
CVSS scoring is not yet available for CVE-2025-40071. Check NVD for updates.
Is there a patch for CVE-2025-40071?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.