{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-40307","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-04-16T07:20:57.185Z","datePublished":"2025-12-08T00:46:32.659Z","dateUpdated":"2026-05-11T21:46:49.337Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:46:49.337Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: validate cluster allocation bits of the allocation bitmap\n\nsyzbot created an exfat image with cluster bits not set for the allocation\nbitmap. exfat-fs reads and uses the allocation bitmap without checking\nthis. The problem is that if the start cluster of the allocation bitmap\nis 6, cluster 6 can be allocated when creating a directory with mkdir.\nexfat zeros out this cluster in exfat_mkdir, which can delete existing\nentries. This can reallocate the allocated entries. In addition,\nthe allocation bitmap is also zeroed out, so cluster 6 can be reallocated.\nThis patch adds exfat_test_bitmap_range to validate that clusters used for\nthe allocation bitmap are correctly marked as in-use."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/exfat/balloc.c"],"versions":[{"version":"1acf1a564b6034b5af1e7fb23cb98cb3bb4f6003","lessThan":"6bc58b4c53795ab5fe00648344aa7d9d61175f90","status":"affected","versionType":"git"},{"version":"1acf1a564b6034b5af1e7fb23cb98cb3bb4f6003","lessThan":"13c1d24803d5b0446b3f6f0fdd67e07ac1fdc7bf","status":"affected","versionType":"git"},{"version":"1acf1a564b6034b5af1e7fb23cb98cb3bb4f6003","lessThan":"79c1587b6cda74deb0c86fc7ba194b92958c793c","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/exfat/balloc.c"],"versions":[{"version":"5.7","status":"affected"},{"version":"0","lessThan":"5.7","status":"unaffected","versionType":"semver"},{"version":"6.12.58","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.17.8","lessThanOrEqual":"6.17.*","status":"unaffected","versionType":"semver"},{"version":"6.18","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.12.58"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.17.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.18"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6bc58b4c53795ab5fe00648344aa7d9d61175f90"},{"url":"https://git.kernel.org/stable/c/13c1d24803d5b0446b3f6f0fdd67e07ac1fdc7bf"},{"url":"https://git.kernel.org/stable/c/79c1587b6cda74deb0c86fc7ba194b92958c793c"}],"title":"exfat: validate cluster allocation bits of the allocation bitmap","x_generator":{"engine":"bippy-1.2.0"}}}}