CNNVD-202510-2635 Information

CNNVD ID

CNNVD-202510-2635

Related CVE

CVE-2025-40004

• CNNVD Published: 2025-10-20

Description (Chinese)

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于USB 9pfs传输层中数据包头解析和实际数据复制之间的不一致大小验证，可能导致堆缓冲区溢出。

Description (English)

Linux Kernel is the kernel used by Linux, the Open Source Operator System of the Linux Foundation of the United States. There is a security loophole in Linux Kernel, which stems from the inconsistent size verification of data package header analysis and actual data reproduction in the USB 9pfs transmission layer, which could lead to a spill over the buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Linux

Published

2025-10-20

Last Modified

2026-02-24

References

https://git.kernel.org/stable/c/0da18d49f874d444ad83c8a546fa33bfcf2f582c https://git.kernel.org/stable/c/c04db81cd0288dfc68b7a0f7d09bd49b40bba451 https://git.kernel.org/stable/c/df8462f0fc045b4475dc494a5787a03c972ba2a2

Patch

https://www.kernel.org/