CVE-2025-40080
Description
In the Linux kernel, the following vulnerability has been resolved:
nbd: restrict sockets to TCP and UDP
Recently, syzbot started to abuse NBD with all kinds of sockets.
Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method.
Explicitly accept TCP and UNIX stream sockets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The NBD driver in the Linux kernel was restricted to TCP and UNIX stream sockets to prevent abuse via unsupported socket types.
The vulnerability arises because the NBD (Network Block Device) driver in the Linux kernel did not adequately restrict socket types during setup. Previously, the driver only verified that the socket had a shutdown() method, which was not enough to keep unsupported socket types out. The fix explicitly accepts only TCP and UNIX stream sockets, closing the validation gap that syzbot had been exercising.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches (5): c365e8f20f42, 4f9e6ff6319d, 37ad11f20e16, 808e2335bc1c, 9f7c02e03157
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (5)
- git.kernel.org/stable/c/37ad11f20e164c23ce827dd455b42c0fdd29685c (nvd)
- git.kernel.org/stable/c/4f9e6ff6319dbcebea64b50af0304cf0ad7e97e7 (nvd)
- git.kernel.org/stable/c/808e2335bc1cf2293b9e36ccc94c267c81509c71 (nvd)
- git.kernel.org/stable/c/9f7c02e031570e8291a63162c6c046dc15ff85b0 (nvd)
- git.kernel.org/stable/c/c365e8f20f4201d873a70385bd919f0fb531e960 (nvd)