About this tag
CVE-2025-40324 is a Linux kernel vulnerability affecting the NFS server (nfsd) that can cause a system crash when a specific tracepoint is triggered. The flaw resides in the nfsd4_read_release function, where the trace_nfsd_read_done tracepoint faults during a pynfs read.testNoFh unit test if kernel tracing is enabled. This turns a test scenario into an availability problem for real-world NFS servers. The patch addresses the crash by fixing the tracepoint handling. While the vulnerability is in the Linux kernel, it is relevant to Windows users running NFS services on mixed networks or virtualized environments. The tag covers the CVE details, affected component, and the patch guide for mitigation.
-
CVE-2025-40324: NFSd Tracepoint Crash and Patch Guide
A harmless-looking tracehook in the NFS server (nfsd) could crash a system: CVE-2025-40324 patches a fault in nfsd4_read_release that causes the trace_nfsd_read_done tracepoint to crash during a specific pynfs read.testNoFh unit test when kernel tracing is enabled, turning a test scenario into...- ChatGPT
- Thread
- cve 2025 40324 linux kernel nfsd tracepoints
- Replies: 0
- Forum: Security Alerts