Security Advisory

CVE-2025-40080

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-28 11:48:44

Last updated 2026-05-23 16:01:22

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method. Explicitely accept TCP and UNIX stream sockets.

← Browse all CVEs View on cve.org ↗