๐Ÿ” CVE Alert

CVE-2025-40210

UNKNOWN 0.0

Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

In the Linux kernel, the following vulnerability has been resolved:

Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but I haven't been able to root-cause it yet. However, I bisected to commit 48aab1606fa8 ("NFSD: Remove the cap on number of operations per NFSv4 COMPOUND").

Tianshuo Han also reports a potential vulnerability when decoding an NFSv4 COMPOUND. An attacker can place an arbitrarily large op count in the COMPOUND header, which results in:

[ 51.410584] nfsd: vmalloc error: size 1209533382144, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0

when NFSD attempts to allocate the COMPOUND op array.

Let's restore the operation-per-COMPOUND limit, but increased to 200 for now.
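The count check described above, as an added user-space sketch in C (not the kernel's NFSD code and not part of the original advisory): it walks the COMPOUND argument header in NFSv4 XDR order (tag, minorversion, op count) and rejects a count that exceeds the cap, or that the remaining bytes cannot back, before the op array is allocated. The function, type and sample names are assumptions; the limit of 200 is the value given in the commit message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define MAX_OPS 200u /* limit named in the commit message */
enum hdr_status { HDR_OK, HDR_TRUNCATED, HDR_TOO_MANY_OPS, HDR_NOMEM };
struct op_slot { uint32_t opnum; }; /* hypothetical per-op state */

/* Constructed samples: empty tag, minorversion 0, op count, op bodies. */
const uint8_t sample_ok[]    = {0,0,0,0, 0,0,0,0, 0,0,0,2, 0,0,0,24, 0,0,0,10};
const uint8_t sample_huge[]  = {0,0,0,0, 0,0,0,0, 0xff,0xff,0xff,0xff};
const uint8_t sample_short[] = {0,0,0,0, 0,0,0,0, 0,0,0,200, 0,0,0,24};

/* Read one big-endian XDR uint32 at *off and advance; 0 on success. */
static int xdr_u32(const uint8_t *b, size_t len, size_t *off, uint32_t *out)
{
    if (len < 4 || *off > len - 4)
        return -1;
    *out = (uint32_t)b[*off] << 24 | (uint32_t)b[*off + 1] << 16 |
           (uint32_t)b[*off + 2] << 8 | b[*off + 3];
    *off += 4;
    return 0;
}

/* Decode tag<>, minorversion and op count, then size the op array. */
enum hdr_status decode_compound_header(const uint8_t *b, size_t len,
                                       uint32_t *opcnt, struct op_slot **ops)
{
    size_t off = 0, padded;
    uint32_t taglen, minorversion, count;

    *ops = NULL;
    *opcnt = 0;
    if (xdr_u32(b, len, &off, &taglen) || taglen > len - off)
        return HDR_TRUNCATED;
    padded = ((size_t)taglen + 3) & ~(size_t)3; /* XDR pads opaque to 4 bytes */
    if (padded > len - off)
        return HDR_TRUNCATED;
    off += padded;
    if (xdr_u32(b, len, &off, &minorversion) || xdr_u32(b, len, &off, &count))
        return HDR_TRUNCATED;
    if (count > MAX_OPS) /* bound the client-supplied count before allocating */
        return HDR_TOO_MANY_OPS;
    if ((size_t)count * 4 > len - off) /* each op needs at least its opcode */
        return HDR_TRUNCATED;
    *ops = calloc(count ? count : 1, sizeof(**ops));
    if (!*ops)
        return HDR_NOMEM;
    *opcnt = count;
    return HDR_OK;
}
```

The second check matters even with the cap in place: a count within the limit that the message body cannot contain is rejected without touching the allocator.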

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Nov 21, 2025
Last Updated May 11, 2026

Affected Versions

Linux / Linux
48aab1606fa80027143a445224f552b4eeea845b < b3ee7ce432289deac87b9d14e01f2fe6958f7f0b
48aab1606fa80027143a445224f552b4eeea845b < 3e7f011c255582d7c914133785bbba1990441713
Linux / Linux
6.17

References

NVD, CVE.org, EPSS Data
git.kernel.org: https://git.kernel.org/stable/c/b3ee7ce432289deac87b9d14e01f2fe6958f7f0b
git.kernel.org: https://git.kernel.org/stable/c/3e7f011c255582d7c914133785bbba1990441713