VDB

DEBIAN-CVE-2025-40198

DEBIAN-CVE-2025-40198 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NUL terminated. Harden parse_apply_sb_mount_options() by treating s_mount_opts as a potential __nonstring.

Affected Products

VendorProductVersions
Debian:12linux0, 6.1.106-1, 6.1.112-1
Debian:14linux6.16-1, 6.16.1-1, 6.16.10-1
Debian:11linux-6.1*, 0, 6.1.106-3
Debian:13linux6.12.57-1~bpo12+1, 0, 6.12.38-1
Debian:11linux5.10.70-1~bpo10+1, 5.10.84-1, 5.10.92-1

Exploit Intelligence

Timeline

  • Nov 12, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›