You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 40307
About this tag
CVE-2025-40307 is a Linux kernel vulnerability in the exFAT driver that involves a logic error in allocation-bitmap validation. Crafted filesystems can cause the kernel to treat reserved clusters as free, leading to data loss when exFAT zeroes and reuses those clusters. The fix introduces a dedicated validation routine, exfat_test_bitmap_range. This issue is relevant for administrators handling removable media or disk images on Linux systems. Discussions on WindowsForum.com cover the technical details, impact, and patching guidance for this CVE.
A freshly published Linux-kernel CVE exposes a subtle but dangerous logic error in the exFAT driver: crafted filesystems can trick the kernel into treating allocation-bitmap clusters as free, allowing exFAT to zero and re-use clusters that should remain reserved — a flaw fixed by adding a...