CVE-2025-40087

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-40087

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40087.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-40087

Downstream

BELL-CVE-2025-40087

DEBIAN-CVE-2025-40087

DLA-4379-1

DLA-4404-1

DSA-6053-1

ECHO-9ec8-9e3d-852d

OESA-2026-1303

OESA-2026-1304

OESA-2026-1305

ROOT-OS-DEBIAN-11-CVE-2025-40087

ROOT-OS-DEBIAN-12-CVE-2025-40087

ROOT-OS-DEBIAN-13-CVE-2025-40087

ROOT-OS-UBUNTU-2204-CVE-2025-40087

ROOT-OS-UBUNTU-2404-CVE-2025-40087

SUSE-SU-2025:21040-1

SUSE-SU-2025:21052-1

SUSE-SU-2025:21056-1

SUSE-SU-2025:21064-1

SUSE-SU-2025:21080-1

SUSE-SU-2025:21147-1

SUSE-SU-2025:21180-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4128-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4140-1

SUSE-SU-2025:4141-1

SUSE-SU-2025:4301-1

SUSE-SU-2026:0473-1

UBUNTU-CVE-2025-40087

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8033-1

USN-8033-2

USN-8033-3

USN-8033-4

USN-8033-5

USN-8033-6

USN-8033-7

USN-8033-8

USN-8034-1

USN-8034-2

USN-8048-1

openSUSE-SU-2025:15702-1

openSUSE-SU-2025:20091-1

openSUSE-SU-2026:10301-1

Related

Published

2025-10-30T09:47:56.675Z

Modified

2026-03-12T03:54:32.355443Z

Summary

NFSD: Define a proc_layoutcommit for the FlexFiles layout type

Details

In the Linux kernel, the following vulnerability has been resolved:

NFSD: Define a proc_layoutcommit for the FlexFiles layout type

Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/40xxx/CVE-2025-40087.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9b9960a0ca4773e21c4b153ed355583946346b25

Fixed

a75994dd879401c3e24ff51c2536559f1a53ea27

Fixed

34d187e020cbda112a6c6f094f0ca5e6a8672b75

Fixed

ba88a53d7f5df4191583abf214214efe0cda91d2

Fixed

da9129ef77786839a3ccd1d7afeeab790bceaa1d

Fixed

f7353208c91ab004e0179c5fb6c365b0f132f9f0

Fixed

a156af6a4dc38c2aa7c98e89520a70fb3b3e7df4

Fixed

785ec512afa80d0540f2ca797c0e56de747a6083

Fixed

4b47a8601b71ad98833b447d465592d847b4dc77

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40087.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.8.0

Fixed

5.4.301

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.246

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.196

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.158

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.114

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.55

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.17.5

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40087.json"