CVE-2025-21962

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-21962
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21962.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21962
Downstream
Related
Published
2025-04-01T15:46:59.285Z
Modified
2026-03-11T07:46:43.069227Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
cifs: Fix integer overflow while processing closetimeo mount option
Details

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix integer overflow while processing closetimeo mount option

User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies which can lead to an integer overflow.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21962.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1d9cad9c5873097ea141ffc5da1e7921ce765aa8
Fixed
513f6cf2e906a504b7ab0b62b2eea993a6f64558
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5efdd9122eff772eae2feae9f0fc0ec02d4846a3
Fixed
9968fcf02cf6b0f78fbacf3f63e782162603855a
Fixed
6c13fcb7cf59ae65940da1dfea80144e42921e53
Fixed
1c46673be93dd2954f44fe370fb4f2b8e6214224
Fixed
b24edd5c191c2689c59d0509f0903f9487eb6317
Fixed
d5a30fddfe2f2e540f6c43b59cf701809995faef

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21962.json"