7.8

CVE-2025-39730

NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

The function needs to check the minimal filehandle length before it can
access the embedded filehandle.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.13 < 5.4.297
LinuxLinux Kernel Version >= 5.5 < 5.10.241
LinuxLinux Kernel Version >= 5.11 < 5.15.190
LinuxLinux Kernel Version >= 5.16 < 6.1.148
LinuxLinux Kernel Version >= 6.2 < 6.6.102
LinuxLinux Kernel Version >= 6.7 < 6.12.42
LinuxLinux Kernel Version >= 6.13 < 6.15.10
LinuxLinux Kernel Version >= 6.16 < 6.16.1
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.078
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee
Patch
https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536
Patch
https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412
Patch
https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b
Patch
https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40
Patch
https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f
Patch
https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485
Patch
https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f
Patch
https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Third Party Advisory
Mailing List