CVE-2025-40068

🗓️ 28 Oct 2025 19:11:55Reported by redhat.comType

redhatcve

redhatcve🔗 access.redhat.com👁 2 Views

Linux kernel NTFS file system fixes integer overflow in run_unpack decoding runlists to prevent disk data access or destruction.

Reporter	Title	Published	Views	Family All 269
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1253)	28 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2025-1254)	28 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-095 (ALASKERNEL-5.15-2025-095)	8 Dec 202500:00	–	nessus
Tenable Nessus	Debian dla-4379 : linux-config-6.1 - security update	25 Nov 202500:00	–	nessus
Tenable Nessus	Debian dsa-6053 : affs-modules-6.1.0-37-4kc-malta-di - security update	11 Nov 202500:00	–	nessus
Tenable Nessus	Photon OS 5.0: Linux PHSA-2025-5.0-0655	24 Oct 202500:00	–	nessus
Tenable Nessus	Ubuntu 25.10 : Linux kernel vulnerabilities (USN-8029-1)	13 Feb 202600:00	–	nessus
Tenable Nessus	Ubuntu 25.10 : Linux kernel (GCP) vulnerabilities (USN-8030-1)	13 Feb 202600:00	–	nessus
Tenable Nessus	Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-8033-1)	13 Feb 202600:00	–	nessus
Tenable Nessus	Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-8034-1)	13 Feb 202600:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-40068
lore	www.lore.kernel.org/linux-cve-announce/2025102818-CVE-2025-40068-1b0e@gregkh/T
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

26 Nov 2025 13:32Current

5.8Medium risk

Vulners AI Score5.8

EPSS0.00062

linux kernel ntfs file system run_unpack overflow runlist validation mft record