CVE-2025-40099
- EPSS 0.05%
- Published 30.10.2025 09:48:05
- Last modified 30.10.2025 15:03:13
- Source 416baaa9-dc9f-4396-8d5f-8c081f

In the Linux kernel, the following vulnerability has been resolved:

cifs: parse_dfs_referrals: prevent oob on malformed input

Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS

- reply smaller than sizeof(struct get_dfs_referral_rsp)
- reply with number of referrals smaller than NumberOfReferrals in the header

Processing of such replies will cause oob.

Return -EINVAL error on such replies to prevent oob-s.

Linked by AI from unstructured data to existing CPEs in the NVD

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

| Version < | Version | Status |
|---|---|---|
| cfacc7441f760e4a73cc71b6ff1635261d534657 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| 15c73964da9df994302f579ed14ee5fdbce7a332 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| 8bc4a8d39bac23d8b044fd3e2dbfd965f1d9b058 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| bb0f2e66e1ac043a5b238f5bcab4f26f3c317039 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| 6447b0e355562a1ff748c4a2ffb89aae7e84d2c9 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |

Vendor: Linux
Product: Linux
Default status: affected

| Version <= | Version | Status |
|---|---|---|
| 6.1.* | 6.1.158 | unaffected |
| 6.6.* | 6.6.114 | unaffected |
| 6.12.* | 6.12.55 | unaffected |
| 6.17.* | 6.17.5 | unaffected |
| * | 6.18 | unaffected |

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.134 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|