CVE-2025-0373 is a security vulnerability in certain filesystems of the FreeBSD operating system. Specifically, on 64-bit systems, the function VOP_VPTOFH() in the cd9660, tarfs, and ext2fs filesystems contains a stack buffer overflow that overflows the destination FID buffer by 4 bytes. This vulnerability can be exploited when an NFS server exports one of these affected filesystems; an NFS client mounting and accessing the export can cause the server to panic. While further exploitation, such as bypassing file permission checks or executing remote kernel code, is theoretically possible, it has not been demonstrated. Notably, FreeBSD release kernels are compiled with stack protection enabled, which catches some instances of this overflow and causes a panic, thereby mitigating potential exploitation.
Affected versions of FreeBSD include:
- 14.2-RELEASE before p1
- 14.1-RELEASE before p7
- 13.4-RELEASE before p3
Patches have been released to mitigate the vulnerability, and users are advised to update their systems promptly to avoid exploitation.
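The following added example is not FreeBSD source code. It is a simplified model showing one way a 4-byte overrun of this kind can arise only on 64-bit targets (alignment padding in a filesystem-private handle), together with a compile-time and a runtime guard. All struct names, field layouts and function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the generic handle slot the caller puts on its stack (20 bytes). */
struct model_fid {
    uint16_t fid_len;
    uint16_t fid_data0;
    char     fid_data[16];
};
/* Hypothetical filesystem-private handle. On LP64 the 64-bit members need
 * 8-byte alignment, so 4 padding bytes follow `pad`: 24 bytes in total. */
struct model_fsfid {
    uint16_t len;
    uint16_t pad;
    uint64_t ino;
    uint64_t start;
};
/* Same fields without padding: 20 bytes, fits the generic slot. */
struct model_fsfid_packed {
    uint16_t len;
    uint16_t pad;
    uint64_t ino;
    uint64_t start;
} __attribute__((packed));
/* Guard 1: fail the build if a private handle outgrows the slot. */
_Static_assert(sizeof(struct model_fsfid_packed) <= sizeof(struct model_fid),
               "private handle larger than generic fid");
/* Bytes by which a private handle of src_size would overrun the slot. */
size_t fid_overrun(size_t src_size) {
    return src_size > sizeof(struct model_fid) ? src_size - sizeof(struct model_fid) : 0;
}
/* Guard 2: runtime check; returns -1 instead of writing past dst. */
int export_fid(struct model_fid *dst, const void *src, size_t src_size) {
    if (src_size > sizeof(*dst)) return -1;
    memset(dst, 0, sizeof(*dst));
    memcpy(dst, src, src_size);
    return 0;
}

int main(void) {
    printf("unpacked overrun: %zu bytes\n", fid_overrun(sizeof(struct model_fsfid)));
    printf("packed overrun:   %zu bytes\n", fid_overrun(sizeof(struct model_fsfid_packed)));
    return 0;
}
```

On a 32-bit x86 build the unpacked struct is typically 20 bytes, which is why a mismatch like this shows up only on 64-bit systems.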