Memory Leak Vulnerability in Linux Kernel smb Client by Vendor
CVE-2025-39929

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 October 2025

What is CVE-2025-39929?

A memory leak vulnerability has been identified in the Linux kernel's smb client component during error handling in the smbd_negotiate() function. When the function encounters certain errors, it fails to properly release allocated objects, leading to objects remaining in memory. This leak can potentially deplete system resources over time, impacting performance. Affected versions of the Linux kernel may require immediate patching to mitigate resource exhaustion risks.

Affected Version(s)

Linux f198186aa9bbd60fae7a2061f4feec614d880299 < 3d7c075c878ac844e33c43e506c2fa27ac7e9689

Linux f198186aa9bbd60fae7a2061f4feec614d880299

Linux f198186aa9bbd60fae7a2061f4feec614d880299 < 922338efaad63cfe30d459dfc59f9d69ff93ded4

References

https://git.kernel.org/stable/c/3d7c075c878ac844e33c43e50...

https://git.kernel.org/stable/c/e7b7a93879558e77d950f1ff9...

https://git.kernel.org/stable/c/922338efaad63cfe30d459dfc...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON