{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T17:53:56.083","vulnerabilities":[{"cve":{"id":"CVE-2025-40287","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-12-06T22:15:56.927","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix improper check of dentry.stream.valid_size\n\nWe found an infinite loop bug in the exFAT file system that can lead to a\nDenial-of-Service (DoS) condition. When a dentry in an exFAT filesystem is\nmalformed, the following system calls — SYS_openat, SYS_ftruncate, and\nSYS_pwrite64 — can cause the kernel to hang.\n\nRoot cause analysis shows that the size validation code in exfat_find()\ndoes not check whether dentry.stream.valid_size is negative. As a result,\nthe system calls mentioned above can succeed and eventually trigger the DoS\nissue.\n\nThis patch adds a check for negative dentry.stream.valid_size to prevent\nthis vulnerability."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/204b1b02ee018ba52ad2ece21fe3a8643d66a1b2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/6c627bcc1896ba62ec793d0c00da74f3c93ce3ad","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/82ebecdc74ff555daf70b811d854b1f32a296bea","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}