CVE-2025-40072
Severity:
Pending analysis
Type:
Not available / Other type
Publication date:
28/10/2025
Last modified:
30/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

fanotify: Validate the return value of mnt_ns_from_dentry() before dereferencing

The function do_fanotify_mark() does not validate if
mnt_ns_from_dentry() returns NULL before dereferencing mntns->user_ns.
This causes a NULL pointer dereference in do_fanotify_mark() if the
path is not a mount namespace object.

Fix this by checking mnt_ns_from_dentry()'s return value before
dereferencing it.

Before the patch

$ gcc fanotify_nullptr.c -o fanotify_nullptr
$ mkdir A
$ ./fanotify_nullptr
Fanotify fd: 3
fanotify_mark: Operation not permitted
$ unshare -Urm
Fanotify fd: 3
Killed

int main(void){
    int ffd;
    ffd = fanotify_init(FAN_CLASS_NOTIF | FAN_REPORT_MNT, 0);
    if(ffd



