CVE-2025-21962
cifs: Fix integer overflow while processing closetimeo mount option
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
01 abr 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix integer overflow while processing closetimeo mount option
User-provided mount parameter closetimeo of type u32 is intended to have
an upper limit, but before it is validated, the value is converted from
seconds to jiffies which can lead to an integer overflow.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/1c46673be93dd2954f44fe370fb4f2b8e6214224https://git.kernel.org/stable/c/513f6cf2e906a504b7ab0b62b2eea993a6f64558https://git.kernel.org/stable/c/6c13fcb7cf59ae65940da1dfea80144e42921e53https://git.kernel.org/stable/c/9968fcf02cf6b0f78fbacf3f63e782162603855ahttps://git.kernel.org/stable/c/b24edd5c191c2689c59d0509f0903f9487eb6317https://git.kernel.org/stable/c/d5a30fddfe2f2e540f6c43b59cf701809995faefhttps://lists.debian.org/debian-lts-announce/2025/05/msg00045.html