CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option
First published: Tue Apr 01 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies which can lead to an integer overflow. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | >=5.15.107<5.15.180 | |
| Linux Kernel | >=6.0<6.1.132 | |
| Linux Kernel | >=6.2<6.6.84 | |
| Linux Kernel | >=6.7<6.12.20 | |
| Linux Kernel | >=6.13<6.13.8 | |
| Linux Kernel | =6.14-rc1 | |
| Linux Kernel | =6.14-rc2 | |
| Linux Kernel | =6.14-rc3 | |
| Linux Kernel | =6.14-rc4 | |
| Linux Kernel | =6.14-rc5 | |
| Linux Kernel | =6.14-rc6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/1c46673be93dd2954f44fe370fb4f2b8e6214224
- https://git.kernel.org/stable/c/6c13fcb7cf59ae65940da1dfea80144e42921e53
- https://git.kernel.org/stable/c/9968fcf02cf6b0f78fbacf3f63e782162603855a
- https://git.kernel.org/stable/c/b24edd5c191c2689c59d0509f0903f9487eb6317
- https://git.kernel.org/stable/c/d5a30fddfe2f2e540f6c43b59cf701809995faef
- https://git.kernel.org/stable/c/513f6cf2e906a504b7ab0b62b2eea993a6f64558
Frequently Asked Questions
What is the severity of CVE-2025-21962?
CVE-2025-21962 has been classified with a moderate severity level due to the potential for integer overflow exploiting the closetimeo mount option.
How do I fix CVE-2025-21962?
To fix CVE-2025-21962, update your Linux kernel to the latest version that includes the patch for the integer overflow vulnerability.
Which versions of the Linux Kernel are affected by CVE-2025-21962?
CVE-2025-21962 affects multiple versions of the Linux Kernel that have not implemented the fix for the closetimeo mount option vulnerability.
What are the impacts of exploiting CVE-2025-21962?
Exploiting CVE-2025-21962 could lead to system instability or unauthorized access depending on the context in which the vulnerability is exploited.
Who is responsible for patching CVE-2025-21962?
The responsibility for patching CVE-2025-21962 lies with system administrators and users of affected Linux Kernel versions.
- agent/weakness
- agent/title
- agent/description
- agent/type
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/source
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/tags
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/event
- collector/nvd-api
- source/NVD
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.15.107
- version/linux kernel/6.0
- version/linux kernel/6.2
- version/linux kernel/6.7
- version/linux kernel/6.13
- version/linux kernel/6.14-rc1
- version/linux kernel/6.14-rc2
- version/linux kernel/6.14-rc3
- version/linux kernel/6.14-rc4
- version/linux kernel/6.14-rc5
- version/linux kernel/6.14-rc6