NFSv4 COMPOUND Processing Issue in Linux Kernel Affects Memory Management
CVE-2025-40210

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 21 November 2025

What is CVE-2025-40210?

A vulnerability has been identified in the Linux Kernel affecting NFSv4 COMPOUND processing. This issue arises when an attacker is able to exploit the op count within the COMPOUND header. By crafting a specially designed request, the attacker can trigger the system to allocate an excessively large operation array. This leads to significant resource allocation issues, potentially causing system instability or a complete failure of the NFS daemon (nfsd). Mitigation steps involve re-establishing an operational limit for the number of commands in a COMPOUND request to prevent excessive memory allocations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch