Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-40080

Опубликовано: 28 окт. 2025
Источник: redhat
CVSS3: 6.1
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method. Explicitely accept TCP and UNIX stream sockets.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelFix deferred
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise Linux 9kernelFix deferred
Red Hat Enterprise Linux 9kernel-rtFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-1287
https://bugzilla.redhat.com/show_bug.cgi?id=2406775kernel: nbd: restrict sockets to TCP and UDP

EPSS

Процентиль: 16%
0.0005
Низкий

6.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-40080

ubuntu
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method. Explicitely accept TCP and UNIX stream sockets.

nvd логотип

CVE-2025-40080

nvd
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method. Explicitely accept TCP and UNIX stream sockets.

msrc логотип

CVE-2025-40080

CVSS3: 5.5
msrc
5 месяцев назад

nbd: restrict sockets to TCP and UDP

debian логотип

CVE-2025-40080

debian
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: n ...

github логотип

GHSA-mp9c-x94p-8jh7

github
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method. Explicitely accept TCP and UNIX stream sockets.

EPSS

Процентиль: 16%
0.0005
Низкий

6.1 Medium

CVSS3