-

CVE-2025-40179

EPSS 0.04%
Veröffentlicht 12.11.2025 21:56:24
Zuletzt bearbeitet 14.11.2025 16:42:30
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ext4: verify orphan file size is not too big

In principle orphan file can be arbitrarily large. However orphan replay
needs to traverse it all and we also pin all its buffers in memory. Thus
filesystems with absurdly large orphan files can lead to big amounts of
memory consumed. Limit orphan file size to a sane value and also use
kvmalloc() for allocating array of block descriptor structures to avoid
large order allocations for sane but large orphan files.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 95a21611b14ae0a401720645245a8db16f040995

Version 02f310fcf47fa9311d6ba2946a8d19e7d7d11f37

Status affected

Version < 566a1d6084563bd07433025aa23bcea4427de107

Version 02f310fcf47fa9311d6ba2946a8d19e7d7d11f37

Status affected

Version < 304fc34ff6fc8261138fd81f119e024ac3a129e9

Version 02f310fcf47fa9311d6ba2946a8d19e7d7d11f37

Status affected

Version < a2d803fab8a6c6a874277cb80156dc114db91921

Version 02f310fcf47fa9311d6ba2946a8d19e7d7d11f37

Status affected

Version < 2b9da798ff0f4d026c5f0f815047393ebe7d8859

Version 02f310fcf47fa9311d6ba2946a8d19e7d7d11f37

Status affected

Version < 0a6ce20c156442a4ce2a404747bb0fb05d54eeb3

Version 02f310fcf47fa9311d6ba2946a8d19e7d7d11f37

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.195

Status unaffected

Version <= 6.1.*

Version 6.1.157

Status unaffected

Version <= 6.6.*

Version 6.6.113

Status unaffected

Version <= 6.12.*

Version 6.12.54

Status unaffected

Version <= 6.17.*

Version 6.17.4

Status unaffected

Version <= *

Version 6.18

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/95a21611b14ae0a401720645245a8db16f040995

https://git.kernel.org/stable/c/566a1d6084563bd07433025aa23bcea4427de107

https://git.kernel.org/stable/c/304fc34ff6fc8261138fd81f119e024ac3a129e9

https://git.kernel.org/stable/c/a2d803fab8a6c6a874277cb80156dc114db91921

https://git.kernel.org/stable/c/2b9da798ff0f4d026c5f0f815047393ebe7d8859

https://git.kernel.org/stable/c/0a6ce20c156442a4ce2a404747bb0fb05d54eeb3

https://nvd.nist.gov/vuln/detail/CVE-2025-40179

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40179

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40179

EUVD