Stack Buffer Overflow in cd9660, tarfs, and ext2fs Filesystems on FreeBSD
CVE-2025-0373

6MEDIUM

Key Information:

Vendor: FreeBSD
Status: FreeBSD
Vendor: CVE Published:; 30 January 2025

What is CVE-2025-0373?

On 64-bit systems, the VOP_VPTOFH() function in the cd9660, tarfs, and ext2fs file systems contains a stack buffer overflow vulnerability. When an NFS server exports one of these filesystems, a malicious NFS client may trigger a system panic by mounting and accessing the exported filesystem. Although there is a potential risk for greater exploitation, such as evading file permission checks or executing remote kernel code, these scenarios have not been demonstrated. The default configurations of FreeBSD kernels include stack protection, which mitigates some instances of this overflow, potentially preventing severe system disruptions.

Affected Version(s)

FreeBSD 14.2-RELEASE

FreeBSD 14.1-RELEASE

FreeBSD 13.4-RELEASE

References

https://security.freebsd.org/advisories/FreeBSD-SA-25:02....

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 30, 2025
Vulnerability Reserved
Jan 10, 2025

Credit

Kevin Miller