CVE-2025-40305

CVSS v2.0

4.4

Medium

Vector

AV:L/AC:M/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the 9p protocol’s handling of file descriptors. Specifically, the p9 fd request function may not correctly kick the receive thread when EPOLLIN is signaled. The issue stems from changes made to optimize pipe reading, where a necessary wakeup call was removed. This can lead to a situation where data is not processed correctly when the pipe is full. The p9 read work() function does not set Rworksched and does not schedule work if the request list is empty. The function p9 poll mux() is used instead of only checking for EPOLLOUT.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-833

Related Identifiers

BDU:2026-02962

CVE-2025-40305

ECHO-0FDF-F33F-301A

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Debian

Linuxmint

Linux Kernel

Ubuntu

CVE-2025-40305

Weakness Enumeration

Related Identifiers

Affected Products

References · 1571