CVE-2025-40210
BaseFortify
Publication date: 2025-11-21
Last updated on: 2025-11-21
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel's NFS server (NFSD) handling of NFSv4 COMPOUND operations. Specifically, an attacker can craft a COMPOUND request with an arbitrarily large number of operations in its header. This causes the NFSD to attempt to allocate an excessively large amount of memory for the operations array, leading to a vmalloc error due to exceeding available memory. The issue arose after removing the cap on the number of operations per NFSv4 COMPOUND, which has now been restored with an increased limit of 200 operations.
How can this vulnerability impact me?
This vulnerability can cause the NFS server to attempt to allocate an extremely large amount of memory, potentially leading to resource exhaustion or denial of service (DoS) conditions. Additionally, it can cause certain NFS operations, such as CLOSE9, to hang indefinitely, disrupting normal NFS functionality and potentially impacting system stability and availability.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is mitigated by restoring the operation-per-COMPOUND limit in the Linux kernel, increased to 200. Therefore, immediate steps include updating your Linux kernel to a version that includes this fix to prevent an attacker from causing excessive memory allocation by placing an arbitrarily large operation count in the NFSv4 COMPOUND header.
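The bounded decode described above, as an added userspace sketch that is not the kernel's NFSD code: it reads the XDR COMPOUND header (tag, minorversion, op count) and rejects an op count above 200 before that count sizes any allocation. The names `MAX_OPS_PER_COMPOUND`, `op_slot`, `xdr_u32` and `decode_compound_header` are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Cap of 200 is the limit stated on this page; the macro name is hypothetical. */
#define MAX_OPS_PER_COMPOUND 200u

struct op_slot { uint32_t opnum; uint32_t status; };  /* stand-in for one decoded op */

/* Constructed sample: empty tag, minorversion 1, op count 0xffffffff. */
static const uint8_t sample_oversized[] = {0,0,0,0, 0,0,0,1, 0xff,0xff,0xff,0xff};

/* Read one big-endian XDR uint32 without running past the buffer. */
static int xdr_u32(const uint8_t *buf, size_t len, size_t *off, uint32_t *out)
{
    if (*off > len || len - *off < 4)
        return -1;
    const uint8_t *p = buf + *off;
    *out = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
    *off += 4;
    return 0;
}

/* Decode the COMPOUND header and size the op array from the claimed count.
 * Returns 0 on success (ops and nops set), -1 on malformed input or allocation
 * failure, -2 when the claimed op count exceeds the cap (nothing allocated). */
int decode_compound_header(const uint8_t *buf, size_t len, struct op_slot **ops, uint32_t *nops)
{
    size_t off = 0;
    uint32_t taglen, minorversion, count;

    if (xdr_u32(buf, len, &off, &taglen) || taglen > len - off)
        return -1;
    size_t padded = ((size_t)taglen + 3) & ~(size_t)3;  /* XDR pads opaques to 4 bytes */
    if (padded > len - off)
        return -1;
    off += padded;
    if (xdr_u32(buf, len, &off, &minorversion) || xdr_u32(buf, len, &off, &count))
        return -1;
    (void)minorversion;  /* not needed for the bounds check shown here */
    if (count > MAX_OPS_PER_COMPOUND)  /* check before the count sizes any allocation */
        return -2;
    *ops = calloc(count ? count : 1, sizeof(**ops));
    if (!*ops)
        return -1;
    *nops = count;
    return 0;
}
```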