Memory Corruption Vulnerability in Linux Kernel NFS Service
CVE-2025-40273
What is CVE-2025-40273?
A vulnerability has been identified in the Linux kernel's NFS (Network File System) service that can lead to memory corruption. This issue arises during the handling of copynotify stateids; specifically, when an OPEN request is followed by a COPY_NOTIFY and a subsequent client reboot. If not handled correctly, this sequence can corrupt the state of associated stateids, leading to a system warning and potential unexpected behavior. A patch has been issued to ensure the proper handling of these stateids, thereby preventing the corruption of the list during the freelast operation, safeguarding the integrity of the NFS service.
Affected Version(s)
Linux 624322f1adc58acd0b69f77a6ddc764207e97241 < 935a2dc8928670bb2c37e21025331e61ec48ccf4
Linux 624322f1adc58acd0b69f77a6ddc764207e97241
Linux 624322f1adc58acd0b69f77a6ddc764207e97241 < 839f56f626723f36904764858467e7a3881b975d