
CVE-2025-40080

In the Linux kernel, the following vulnerability has been resolved:

nbd: restrict sockets to TCP and UDP

Recently, syzbot started to abuse NBD with all kinds of sockets.

Commit cf1b2326b734 ("nbd: verify socket is supported during setup")
made sure the socket supported a shutdown() method.

Explicitly accept TCP and UNIX stream sockets.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected
Version cf1b2326b734896734c6e167e41766f9cee7686a (< c365e8f20f4201d873a70385bd919f0fb531e960): affected
Version cf1b2326b734896734c6e167e41766f9cee7686a (< 4f9e6ff6319dbcebea64b50af0304cf0ad7e97e7): affected
Version cf1b2326b734896734c6e167e41766f9cee7686a (< 37ad11f20e164c23ce827dd455b42c0fdd29685c): affected
Version cf1b2326b734896734c6e167e41766f9cee7686a (< 808e2335bc1cf2293b9e36ccc94c267c81509c71): affected
Version cf1b2326b734896734c6e167e41766f9cee7686a (< 9f7c02e031570e8291a63162c6c046dc15ff85b0): affected
Version 4df728651b8a99693c69962d8e5a5b9e5a3bbcc7: affected
Version 083322455c67d278c56a66b73f1221f004ee600a: affected
Version 4fa1cbd587ef967812f9d9f6ce46ec1dead7502c: affected

Vendor: Linux
Product: Linux
Default status: affected
Version 5.4: affected
Version 0 (< 5.4): unaffected
Version 6.1.156 (<= 6.1.*): unaffected
Version 6.6.112 (<= 6.6.*): unaffected
Version 6.12.53 (<= 6.12.*): unaffected
Version 6.17.3 (<= 6.17.*): unaffected
Version 6.18 (<= *): unaffected

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 0.05% | 0.134

CVSS metrics
Source | Base Score | Exploit Score | Impact Score | Vector String