From 57c9ae6e627c817123fc7a5ea51f8d76f8b00763 Mon Sep 17 00:00:00 2001
From: Oracle Linux CVE analysis bot <ora-linux-cve-analysis_mb@oracle.com>
Date: Fri, 2 Jan 2026 15:42:30 +0000
Subject: [PATCH 1/2] Analysis for CVE-2025-40149.yml

---
 vulns/CVE-2025-40149.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 vulns/CVE-2025-40149.yml

diff --git a/vulns/CVE-2025-40149.yml b/vulns/CVE-2025-40149.yml
new file mode 100644
index 0000000..179d3b0
--- /dev/null
+++ b/vulns/CVE-2025-40149.yml
@@ -0,0 +1,8 @@
+reachability: Local
+memory_corruption: true
+bug_class: Use-after-free
+impact: LPE
+privileges_required: false
+notes: Use-after-free in ktls code which could lead to LPE.
+author: Oracle Corporation
+version: v0.1

From fca8bb9851cd50897d52ae9e6aa332a9a0d3eaec Mon Sep 17 00:00:00 2001
From: Oracle Linux CVE analysis bot <ora-linux-cve-analysis_mb@oracle.com>
Date: Fri, 2 Jan 2026 15:42:30 +0000
Subject: [PATCH 2/2] Analysis for CVE-2025-40158.yml

---
 vulns/CVE-2025-40158.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 vulns/CVE-2025-40158.yml

diff --git a/vulns/CVE-2025-40158.yml b/vulns/CVE-2025-40158.yml
new file mode 100644
index 0000000..53929fa
--- /dev/null
+++ b/vulns/CVE-2025-40158.yml
@@ -0,0 +1,8 @@
+reachability: Local
+memory_corruption: true
+bug_class: Use-after-free
+impact: LPE
+privileges_required: false
+notes: Use-after-free in ipv6 code which could lead to LPE.
+author: Oracle Corporation
+version: v0.1