CVE-2025-40203
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-11-14
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
listmount: don't call path_put() under namespace semaphore
Massage listmount() and make sure we don't call path_put() under the
namespace semaphore. If we put the last reference we're fscked.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel function listmount(), where calling path_put() under the namespace semaphore can cause issues if the last reference is released improperly. The fix ensures that path_put() is not called while holding the namespace semaphore to prevent potential problems.
How can this vulnerability impact me? :
If the last reference is released incorrectly by calling path_put() under the namespace semaphore, it can lead to system instability or crashes, potentially affecting the reliability of the Linux kernel's mount namespace handling.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70