CVE-2025-40307

Published: Dic 08, 2025 Last Modified: Dic 08, 2025

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

exfat: validate cluster allocation bits of the allocation bitmap

syzbot created an exfat image with cluster bits not set for the allocation
bitmap. exfat-fs reads and uses the allocation bitmap without checking
this. The problem is that if the start cluster of the allocation bitmap
is 6, cluster 6 can be allocated when creating a directory with mkdir.
exfat zeros out this cluster in exfat_mkdir, which can delete existing
entries. This can reallocate the allocated entries. In addition,
the allocation bitmap is also zeroed out, so cluster 6 can be reallocated.
This patch adds exfat_test_bitmap_range to validate that clusters used for
the allocation bitmap are correctly marked as in-use.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,0th

Updated

EPSS Score Trend (Last 2 Days)

https://git.kernel.org/stable/c/13c1d24803d5b0446b3f6f0fdd6…

https://git.kernel.org/stable/c/13c1d24803d5b0446b3f6f0fdd67e07ac1fdc7bf

https://git.kernel.org/stable/c/6bc58b4c53795ab5fe00648344a…

https://git.kernel.org/stable/c/6bc58b4c53795ab5fe00648344aa7d9d61175f90

https://git.kernel.org/stable/c/79c1587b6cda74deb0c86fc7ba1…

https://git.kernel.org/stable/c/79c1587b6cda74deb0c86fc7ba194b92958c793c

CVE-2025-40307

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 2 Days)

Iscriviti alla newsletter