{"id":"AZL-68942","summary":"CVE-2025-40071 affecting package kernel for versions less than 6.6.112.1-2","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Don't block input queue by waiting MSC\n\nCurrently gsm_queue() processes incoming frames and when opening\na DLC channel it calls gsm_dlci_open() which calls gsm_modem_update().\nIf basic mode is used it calls gsm_modem_upd_via_msc() and it\ncannot block the input queue by waiting the response to come\ninto the same input queue.\n\nInstead allow sending Modem Status Command without waiting for remote\nend to respond. Define a new function gsm_modem_send_initial_msc()\nfor this purpose. As MSC is only valid for basic encoding, it does\nnot do anything for advanced or when convergence layer type 2 is used.","modified":"2026-04-01T05:21:30.996708Z","published":"2025-10-28T12:15:41Z","upstream":["CVE-2025-40071"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40071"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.112.1-2"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-68942.json"}}],"schema_version":"1.7.5"}