CVE-2025-40099
Linux Kernel 4.11.0-6.1.157, 6.2.0-6.6.113, 6.7.0-6.12.54, 6.13.0-6.17.4 - Out-of-Bounds Read via DFS Referral
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS - reply smaller than sizeof(struct get_dfs_referral_rsp) - reply with number of referrals smaller than NumberOfReferrals in the header Processing of such replies will cause oob. Return -EINVAL error on such replies to prevent oob-s.
References (5)
Core 5
Core References
Scores
EPSS
0.0018
EPSS Percentile
8.1%
Details
Status
published
Products (16)
linux/Kernel
4.11.0 - 6.1.158linux
linux/Kernel
6.13.0 - 6.17.5linux
linux/Kernel
6.2.0 - 6.6.114linux
linux/Kernel
6.7.0 - 6.12.55linux
Linux/Linux
< 4.11
Linux/Linux
4.11
Linux/Linux
4ecce920e13ace16a5ba45efe8909946c28fb2ad - 15c73964da9df994302f579ed14ee5fdbce7a332
Linux/Linux
4ecce920e13ace16a5ba45efe8909946c28fb2ad - 6447b0e355562a1ff748c4a2ffb89aae7e84d2c9
Linux/Linux
4ecce920e13ace16a5ba45efe8909946c28fb2ad - 8bc4a8d39bac23d8b044fd3e2dbfd965f1d9b058
Linux/Linux
4ecce920e13ace16a5ba45efe8909946c28fb2ad - bb0f2e66e1ac043a5b238f5bcab4f26f3c317039
... and 6 more
Published
Oct 30, 2025
Tracked Since
Feb 18, 2026