MNBSD-2025-1: Buffer overflow in some filesystems via NFS

Severity: Unknown

Affected Package: fs

Summary: Buffer overflow in some filesystems via NFS

Description

In order to export a file system via NFS, the file system must define a file system identifier (FID) for all exported files. Each file system implements operations to translate between FIDs and vnodes, the kernel's in-memory representation of files. These operations are VOP_VPTOFH(9) and VFS_FHTOVP(9). On 64-bit systems, the implementation of VOP_VPTOFH() in the cd9660, tarfs and ext2fs filesystems overflows the destination FID buffer by 4 bytes, a stack buffer overflow.

Affected Versions

fs

Specific versions:

3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.2.0
3.2.1

Recommendations

Update to MidnightBSD 3.2.2 release by using the normal update procedure.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0373
https://www.freebsd.org/security/advisories/FreeBSD-SA-25:03.etcupdate.asc
https://github.com/MidnightBSD/src/commit/459d2997d86265bf5b9eae927d7bad58e9cf6d78

Additional Information

Aliases: FreeBSD-SA-25:02.fs, CVE-2025-0373

Published: March 24, 2025
Last Modified: March 24, 2025