Out-of-Bounds Vulnerability in Linux Kernel Affecting SMB Protocol
CVE-2025-40099

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 30 October 2025

What is CVE-2025-40099?

A vulnerability exists in the Linux kernel's handling of SMB protocol communications, specifically in the CIFS module. An attacker can exploit this flaw by sending malformed responses from a malicious SMB server, which may lead to out-of-bounds access. This occurs when the server's reply is either smaller than the expected size of the designated response structure or contains a number of referrals that does not match the expected value, potentially leading to memory corruption. The kernel has implemented safeguards to return an -EINVAL error to mitigate these out-of-bounds issues.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 15c73964da9df994302f579ed14ee5fdbce7a332

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8bc4a8d39bac23d8b044fd3e2dbfd965f1d9b058

References

https://git.kernel.org/stable/c/cfacc7441f760e4a73cc71b6f...

https://git.kernel.org/stable/c/15c73964da9df994302f579ed...

https://git.kernel.org/stable/c/8bc4a8d39bac23d8b044fd3e2...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2025
Vulnerability Reserved
Apr 16, 2025

JSON