- CVE ID
- CVE-2025-40203
- CWE
- N/A
- CVE Description
- In the Linux kernel, the following vulnerability has been resolved:
listmount: don't call path_put() under namespace semaphore
Massage listmount() and make sure we don't call path_put() under the
namespace semaphore. If we put the last reference we're fscked.
- Published
- Nov 14, 2025
- CVSS Score & Severity
5.6Medium
- CVSS Vector
- CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
- EPSS Score
- 0.032%
- KEV Status
Not in KEV Catalog: No known exploits
- Source
- National Vulnerability Database
