CVE-2025-21964
cifs: Fix integer overflow while processing acregmax mount option
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
01 abr 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix integer overflow while processing acregmax mount option
User-provided mount parameter acregmax of type u32 is intended to have
an upper limit, but before it is validated, the value is converted from
seconds to jiffies which can lead to an integer overflow.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Linux · LinuxReferencias
https://git.kernel.org/stable/c/0252c33cc943e9e48ddfafaa6b1eb72adb68a099https://git.kernel.org/stable/c/5f500874ab9b3cc8c169c2ab49f00b838520b9c5https://git.kernel.org/stable/c/7489161b1852390b4413d57f2457cd40b34da6cchttps://git.kernel.org/stable/c/833f2903eb8b70faca7967319e580e9ce69729fchttps://git.kernel.org/stable/c/a13351624a6af8d91398860b8c9d4cf6c8e63de5https://git.kernel.org/stable/c/dd190168e60ac15408f074a1fe0ce36aff34027bhttps://lists.debian.org/debian-lts-announce/2025/05/msg00045.html