| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025090730-CVE-2025-39730-72c9@gregkh> Date: Sun, 7 Sep 2025 17:16:31 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-39730: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() The function needs to check the minimal filehandle length before it can access the embedded filehandle. The Linux kernel CVE team has assigned CVE-2025-39730 to this issue. Affected and fixed versions =========================== Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 5.4.297 with commit 7f8eca87fef7519e9c41f3258f25ebc2752247ee Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 5.10.241 with commit cb09afa0948d96b1e385d609ed044bb1aa043536 Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 5.15.190 with commit 3570ef5c31314c13274c935a20b91768ab5bf412 Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 6.1.148 with commit 763810bb883cb4de412a72f338d80947d97df67b Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 6.6.102 with commit 12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40 Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 6.12.42 with commit 2ad40b7992aa26bc631afc1a995b0e3ddc30de3f Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 6.15.10 with commit b7f7866932466332a2528fda099000b035303485 Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 6.16.1 with commit 7dd36f7477d1e03a1fcf8d13531ca326c4fb599f Issue introduced in 4.13 with commit 20fa19027286983ab2734b5910c4a687436e0c31 and fixed in 6.17-rc1 with commit ef93a685e01a281b5e2a25ce4e3428cf9371a205 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-39730 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/nfs/export.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536 https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412 https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40 https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485 https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205
Powered by blists - more mailing lists