CVE-2025-40080
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
nbd: restrict sockets to TCP and UDP
Recently, syzbot started to abuse NBD with all kinds of sockets.
Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method.
Explicitely accept TCP and UNIX stream sockets.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | cf1b2326b734896734c6e167e41766f9cee7686a < c365e8f20f4201d873a70385bd919f0fb531e960 | affected |
| Linux | Linux | cf1b2326b734896734c6e167e41766f9cee7686a < 4f9e6ff6319dbcebea64b50af0304cf0ad7e97e7 | affected |
| Linux | Linux | cf1b2326b734896734c6e167e41766f9cee7686a < 37ad11f20e164c23ce827dd455b42c0fdd29685c | affected |
| Linux | Linux | cf1b2326b734896734c6e167e41766f9cee7686a < 808e2335bc1cf2293b9e36ccc94c267c81509c71 | affected |
| Linux | Linux | cf1b2326b734896734c6e167e41766f9cee7686a < 9f7c02e031570e8291a63162c6c046dc15ff85b0 | affected |
| Linux | Linux | 4df728651b8a99693c69962d8e5a5b9e5a3bbcc7 | affected |
| Linux | Linux | 083322455c67d278c56a66b73f1221f004ee600a | affected |
| Linux | Linux | 4fa1cbd587ef967812f9d9f6ce46ec1dead7502c | affected |
| Linux | Linux | 4.14.152 < 4.15 | affected |
| Linux | Linux | 4.19.82 < 4.20 | affected |
| Linux | Linux | 5.3.9 < 5.4 | affected |
| Linux | Linux | 5.4 | affected |
| Linux | Linux | 0 < 5.4 | unaffected |
| Linux | Linux | 6.1.156 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.112 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.53 <= 6.12.* | unaffected |
| Linux | Linux | 6.17.3 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/c365e8f20f4201d873a70385bd919f0fb531e960
- https://git.kernel.org/stable/c/4f9e6ff6319dbcebea64b50af0304cf0ad7e97e7
- https://git.kernel.org/stable/c/37ad11f20e164c23ce827dd455b42c0fdd29685c
- https://git.kernel.org/stable/c/808e2335bc1cf2293b9e36ccc94c267c81509c71
- https://git.kernel.org/stable/c/9f7c02e031570e8291a63162c6c046dc15ff85b0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.