CVE-2025-40099
CVE-2025-40099 is a security vulnerability that is still awaiting full analysis and scoring. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- EPSS exploit prediction: 0% (8th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-36979
- Published:
- Last modified:
Description
In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS - reply smaller than sizeof(struct get_dfs_referral_rsp) - reply with number of referrals smaller than NumberOfReferrals in the header Processing of such replies will cause oob. Return -EINVAL error on such replies to prevent oob-s.
Frequently asked questions
- What is CVE-2025-40099?
- In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS - reply smaller than sizeof(struct get_dfs_referral_rsp) - reply with number of referrals smaller than NumberOfReferrals in the header Processing of such replies will cause oob. Return -EINVAL error on such replies to prevent oob-s.
- Is CVE-2025-40099 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (8th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2025-40099?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2025-40099 have an EU (EUVD) identifier?
- Yes. CVE-2025-40099 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-36979.
- When was CVE-2025-40099 published?
- CVE-2025-40099 was published on 2025-10-30 and last updated on 2026-06-17.
References
- https://git.kernel.org/stable/c/15c73964da9df994302f579ed14ee5fdbce7a332
- https://git.kernel.org/stable/c/6447b0e355562a1ff748c4a2ffb89aae7e84d2c9
- https://git.kernel.org/stable/c/8bc4a8d39bac23d8b044fd3e2dbfd965f1d9b058
- https://git.kernel.org/stable/c/bb0f2e66e1ac043a5b238f5bcab4f26f3c317039
- https://git.kernel.org/stable/c/cfacc7441f760e4a73cc71b6ff1635261d534657