Linux Kernel NFS Vulnerability in Credential Management
CVE-2025-39912

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39912?

A vulnerability in the Linux kernel's NFS implementation has been identified, where improper handling of credentials can lead to unintended behavior. When certain conditions are met, the NFS daemon may release file data prematurely, resulting in a situation that triggers an internal validation error related to current user credentials. This issue can potentially compromise the integrity of the system and should be addressed by updating to the latest kernel version where the vulnerability has been resolved.

Affected Version(s)

Linux b9f5dd57f4a52990963eeb1f1b58d00f717ece69 < 57c1bb02b4fc8eec6eb01736e7fad26dffacf18c

Linux b9f5dd57f4a52990963eeb1f1b58d00f717ece69

Linux b9f5dd57f4a52990963eeb1f1b58d00f717ece69 < 992203a1fba51b025c60ec0c8b0d9223343dea95

References

https://git.kernel.org/stable/c/57c1bb02b4fc8eec6eb01736e...

https://git.kernel.org/stable/c/c250be1d75bf80dc5ab46f0b4...

https://git.kernel.org/stable/c/992203a1fba51b025c60ec0c8...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON