CVE-2025-40210

NONE EPSS 4.6%
Published Nov 21, 20257mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Nov 21, 2025 7mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but I haven't been able to root-cause it yet. However, I bisected to commit 48aab1606fa8 ("NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"). Tianshuo Han also reports a potential vulnerability when decoding an NFSv4 COMPOUND. An attacker can place an arbitrarily large op count in the COMPOUND header, which results in: [ 51.410584] nfsd: vmalloc error: size 1209533382144, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 when NFSD attempts to allocate the COMPOUND op array. Let's restore the operation-per-COMPOUND limit, but increased to 200 for now.

Threat Intelligence

EPSS Exploit Probability
4.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 2

  • git.kernel.org https://git.kernel.org/stable/c/3e7f011c255582d7c914133785bbba1990441713
  • git.kernel.org https://git.kernel.org/stable/c/b3ee7ce432289deac87b9d14e01f2fe6958f7f0b

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.