PT-2025-47906 · Linux+3 · Linux Kernel+3

Published

2025-11-24

Updated

2026-03-13

CVE-2025-40212

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Network File System daemon (nfsd) in the Linux kernel contains a flaw related to reference counting in the nfsd set fh dentry() function. Specifically, when an NFSv3 or NFSv2 client uses a filehandle from a pseudo-root filesystem, the function may incorrectly store the export in a struct svc fh while simultaneously dropping a reference. This can lead to a reference count leak, potentially resulting in a use-after-free condition and denial of service. This issue is triggered when a client synthesizes an incorrect filehandle. The fix involves moving assignments to the svc fh structure to occur after all error cases have been detected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-40212

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:20148-1

SUSE-SU-2026:20149-1

SUSE-SU-2026:20163-1

SUSE-SU-2026:20164-1

SUSE-SU-2026:20165-1

SUSE-SU-2026:20168-1

SUSE-SU-2026:20169-1

SUSE-SU-2026:20171-1

SUSE-SU-2026:20202-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

PT-2025-47906 · Linux+3 · Linux Kernel+3

CVE-2025-40212

Related Identifiers

Affected Products

References · 906