nvme-fc: use lock accessing port_state and rport state — CVE-2025-40342

Summary

Advisory CVE-2025-40342. nvme-fc: use lock accessing port_state and rport state Vendor: Microsoft. Source: MSRC. Threat: high. CVSS 7. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

• Prioritize patching or mitigation immediately (treat as actively risky).
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

• 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN CVE-2025-40305
• ALSA: dice: fix buffer overflow in detect_stream_formats() CVE-2025-68346
• amd/amdkfd: enhance kfd process check in switch partition CVE-2025-68174
• Apache HTTP Server: mod_md (ACME), unintended retry intervals CVE-2025-55753
• Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF CVE-2025-59775
• Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... CVE-2025-58098
• Application Information Service Elevation of Privilege Vulnerability CVE-2025-62572
• arrayLimit bypass in bracket notation allows DoS via memory exhaustion CVE-2025-15284
• ASoC: Intel: avs: Do not share the name pointer between components CVE-2025-40338
• Azure Cosmos DB Spoofing Vulnerability CVE-2025-64675
• Azure Monitor Agent Remote Code Execution Vulnerability CVE-2025-62550
• bfs: Reconstruct file type when loading from disk CVE-2025-68266