CVE-2025-40080: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-40080 is a vulnerability discovered in the Linux kernel related to Network Block Device (NBD) socket restrictions. The vulnerability was published on October 28, 2025, and affects various Linux distributions. The issue specifically involves the NBD implementation's handling of socket types, where syzbot was able to abuse NBD with various socket types beyond the intended TCP and UDP protocols (NVD).

The vulnerability stems from insufficient socket type restrictions in the Linux kernel's NBD implementation. A previous fix (commit cf1b2326b734) had implemented a verification mechanism to ensure sockets supported the shutdown() method, but further restrictions were needed to explicitly limit connections to TCP and UNIX stream sockets only (Ubuntu).

The vulnerability affects multiple Linux distributions and various kernel versions, particularly impacting Ubuntu distributions across different versions including 22.04 LTS (jammy), 24.04 LTS (noble), and 25.04 (plucky). Several kernel variants including linux-aws, linux-azure, linux-gcp, and linux-kvm are marked as vulnerable (Ubuntu).

The vulnerability has been addressed in various Linux distributions through security updates. For Ubuntu systems, updates have been released for affected versions, with some older versions being marked as 'Not in release' or 'Ignored' due to various criteria including ESM status (Ubuntu).