Linux Kernel Vulnerability in SMB Client
CVE-2025-39933

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 October 2025

What is CVE-2025-39933?

A vulnerability has been identified in the Linux kernel that affects the SMB client functionality. This issue allows the 'recv_done' function to inadequately verify parameters related to data transfer, specifically 'data_offset', 'data_length', and 'remaining_data_length'. If exploited, this flaw may lead to unexpected behavior or potential data integrity issues. It is recommended that users of affected Linux kernel versions apply the latest updates and patches to mitigate the risk associated with this vulnerability.

Affected Version(s)

Linux f198186aa9bbd60fae7a2061f4feec614d880299 < 581fb78e0388b78911b0c920e4073737090c8b5f

Linux f198186aa9bbd60fae7a2061f4feec614d880299

Linux 4.16

References

https://git.kernel.org/stable/c/581fb78e0388b78911b0c920e...

https://git.kernel.org/stable/c/f57e53ea252363234f86674db...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON