CVE-2025-40198
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-11-14
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential buffer over-read in the Linux kernel's ext4 filesystem code, specifically in the function parse_apply_sb_mount_options(). The issue arises because the code assumes that the s_mount_opts string in the ext4 superblock is NUL terminated, relying on the tune2fs tool to ensure this. However, if s_mount_opts is not properly NUL terminated, it can lead to reading beyond the intended buffer, which is a security risk. The fix hardens the function by treating s_mount_opts as a potential non-string to avoid this over-read.
How can this vulnerability impact me? :
This vulnerability can lead to a buffer over-read, which may cause the system to read memory beyond the intended buffer. This can potentially result in information disclosure, system instability, or crashes. In some cases, such vulnerabilities can be exploited to escalate privileges or execute arbitrary code, depending on the context and how the over-read is leveraged.