CVE-2025-40099 | Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4/6.18-rc1 cifs parse_dfs_referrals out-of-bounds


A vulnerability was found in the Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4/6.18-rc1. It has been declared as critical. Affected is the function parse_dfs_referrals of the component cifs. Manipulation of this function leads to an out-of-bounds read.

This vulnerability is referenced as CVE-2025-40099. The attack needs to be initiated within the local network. No exploit is available.

It is recommended to upgrade the affected component.