From 6159d3ea85c6f73f2d904cd34351aab29ee53686 Mon Sep 17 00:00:00 2001
From: Oracle Linux CVE analysis bot <ora-linux-cve-analysis_mb@oracle.com>
Date: Fri, 9 Jan 2026 15:40:31 +0000
Subject: [PATCH 1/2] Analysis for CVE-2025-40248.yml

---
 vulns/CVE-2025-40248.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 vulns/CVE-2025-40248.yml

diff --git a/vulns/CVE-2025-40248.yml b/vulns/CVE-2025-40248.yml
new file mode 100644
index 0000000..10495dd
--- /dev/null
+++ b/vulns/CVE-2025-40248.yml
@@ -0,0 +1,10 @@
+reachability: Local
+memory_corruption: true
+bug_class: UaF
+impact: DoS, LPE
+privileges_required: false
+notes: |2-
+   Use after free in net/vmw_vsock leading to DoS, privilege escalation and
+  arbitrary kernel code execution
+author: Oracle Corporation
+version: v0.1

From cd2af3463b35fbde4f2dbdb93d4ebd509a42c495 Mon Sep 17 00:00:00 2001
From: Oracle Linux CVE analysis bot <ora-linux-cve-analysis_mb@oracle.com>
Date: Fri, 9 Jan 2026 15:40:31 +0000
Subject: [PATCH 2/2] Analysis for CVE-2025-40280.yml

---
 vulns/CVE-2025-40280.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 vulns/CVE-2025-40280.yml

diff --git a/vulns/CVE-2025-40280.yml b/vulns/CVE-2025-40280.yml
new file mode 100644
index 0000000..d9f5863
--- /dev/null
+++ b/vulns/CVE-2025-40280.yml
@@ -0,0 +1,10 @@
+reachability: Local
+memory_corruption: true
+bug_class: UaF
+impact: DoS, LPE, VM-escape
+privileges_required: false
+notes: |2-
+   Use after free in net/tipc leading to DoS, privilege escalation and
+  VM-escape. Can be triggered by unprivileged user through namespaces
+author: Oracle Corporation
+version: v0.1