CVE-2025-40171

EPSS 0.04%
Veröffentlicht 12.11.2025 10:46:52
Zuletzt bearbeitet 12.11.2025 16:19:12
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

nvmet-fc: move lsop put work to nvmet_fc_ls_req_op

It’s possible for more than one async command to be in flight from
__nvmet_fc_send_ls_req. For each command, a tgtport reference is taken.

In the current code, only one put work item is queued at a time, which
results in a leaked reference.

To fix this, move the work item to the nvmet_fc_ls_req_op struct, which
already tracks all resources related to the command.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 11269c08013f4ee8b8f5edc6c56700acb34092d0

Version 5e0bc09a52b6169ce90f7ac6e195791adb16cec4

Status affected

Version < a28112cc55013cd8cbd5d36b5115a5b851151bd9

Version 9e6987f8937a7bd7516aa52f25cb7e12c0c92ee8

Status affected

Version < 060ecc81240ef9d60d9485a3a5eb55a0d6e7a25c

Version eaf0971fdabf2a93c1429dc6bedf3bbe85dffa30

Status affected

Version < 7331925c247b03b7767b8cd93cfe1b7aa2377850

Version 710c69dbaccdac312e32931abcb8499c1525d397

Status affected

Version < 7a619f8c869117ffed08365b377f66b7e1d941b4

Version 710c69dbaccdac312e32931abcb8499c1525d397

Status affected

Version < db5a5406fb7e5337a074385c7a3e53c77f2c1bd3

Version 710c69dbaccdac312e32931abcb8499c1525d397

Status affected

Version 1d86f79287206deec36d63b89c741cf542b6cadd

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.8

Status affected

Version < 6.8

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.195

Status unaffected

Version <= 6.1.*

Version 6.1.156

Status unaffected

Version <= 6.6.*

Version 6.6.112

Status unaffected

Version <= 6.12.*

Version 6.12.53

Status unaffected

Version <= 6.17.*

Version 6.17.3

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/11269c08013f4ee8b8f5edc6c56700acb34092d0

https://git.kernel.org/stable/c/a28112cc55013cd8cbd5d36b5115a5b851151bd9

https://git.kernel.org/stable/c/060ecc81240ef9d60d9485a3a5eb55a0d6e7a25c

https://git.kernel.org/stable/c/7331925c247b03b7767b8cd93cfe1b7aa2377850

https://git.kernel.org/stable/c/7a619f8c869117ffed08365b377f66b7e1d941b4

https://git.kernel.org/stable/c/db5a5406fb7e5337a074385c7a3e53c77f2c1bd3

https://nvd.nist.gov/vuln/detail/CVE-2025-40171

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40171

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40171

EUVD