{"id":"CVE-2025-21962","summary":"cifs: Fix integer overflow while processing closetimeo mount option","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing closetimeo mount option\n\nUser-provided mount parameter closetimeo of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.","modified":"2026-05-18T05:56:14.962430789Z","published":"2025-04-01T15:46:59.285Z","related":["ALSA-2025:12746","SUSE-SU-2025:01614-1","SUSE-SU-2025:01707-1","SUSE-SU-2025:01919-1","SUSE-SU-2025:01951-1","SUSE-SU-2025:01964-1","SUSE-SU-2025:01967-1","SUSE-SU-2025:01972-1","SUSE-SU-2025:20343-1","SUSE-SU-2025:20344-1","SUSE-SU-2025:20354-1","SUSE-SU-2025:20355-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21962.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1c46673be93dd2954f44fe370fb4f2b8e6214224"},{"type":"WEB","url":"https://git.kernel.org/stable/c/513f6cf2e906a504b7ab0b62b2eea993a6f64558"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6c13fcb7cf59ae65940da1dfea80144e42921e53"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9968fcf02cf6b0f78fbacf3f63e782162603855a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b24edd5c191c2689c59d0509f0903f9487eb6317"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d5a30fddfe2f2e540f6c43b59cf701809995faef"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21962.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21962"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1d9cad9c5873097ea141ffc5da1e7921ce765aa8"},{"fixed":"513f6cf2e906a504b7ab0b62b2eea993a6f64558"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5efdd9122eff772eae2feae9f0fc0ec02d4846a3"},{"fixed":"9968fcf02cf6b0f78fbacf3f63e782162603855a"},{"fixed":"6c13fcb7cf59ae65940da1dfea80144e42921e53"},{"fixed":"1c46673be93dd2954f44fe370fb4f2b8e6214224"},{"fixed":"b24edd5c191c2689c59d0509f0903f9487eb6317"},{"fixed":"d5a30fddfe2f2e540f6c43b59cf701809995faef"}]}],"versions":["v5.15.179","v5.15.178","v5.15.177","v5.15.176","v5.15.175","v5.15.174","v5.15.173","v5.15.172","v5.15.171","v5.15.170","v5.15.169","v5.15.168","v5.15.167","v5.15.166","v5.15.165","v5.15.164","v5.15.163","v5.15.162","v5.15.161","v5.15.160","v5.15.159","v5.15.158","v5.15.157","v5.15.156","v5.15.155","v5.15.154","v5.15.153","v5.15.152","v5.15.151","v5.15.150","v5.15.149","v5.15.148","v5.15.147","v5.15.146","v5.15.145","v5.15.144","v5.15.143","v5.15.142","v5.15.141","v5.15.140","v5.15.139","v5.15.138","v5.15.137","v5.15.136","v5.15.135","v5.15.134","v5.15.133","v5.15.132","v5.15.131","v5.15.130","v5.15.129","v5.15.128","v5.15.127","v5.15.126","v5.15.125","v5.15.124","v5.15.123","v5.15.122","v5.15.121","v5.15.120","v5.15.119","v5.15.118","v5.15.117","v5.15.116","v5.15.115","v5.15.114","v5.15.113","v5.15.112","v5.15.111","v5.15.110","v5.15.109","v5.15.108","v5.15.107"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21962.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.180"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.132"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.0.0"},{"fixed":"6.6.84"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.12.20"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.13.8"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21962.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}