CVE-2025-40035

In the Linux kernel, the following vulnerability has been resolved:

Input: uinput – zero-initialize uinput_ff_upload_compat to avoid info leak

Struct ff_effect_compat is embedded twice inside
uinput_ff_upload_compat, contains internal padding. In particular, there
is a hole after struct ff_replay to satisfy alignment requirements for
the following union member. Without clearing the structure,
copy_to_user() may leak stack data to userspace.

Initialize ff_up_compat to zero before filling valid fields.

More information : https://git.kernel.org/stable/c/1b317796013f666ae5040edbf0f230ec61496d42