Linux Kernel Vulnerability in SMB Client Handling
CVE-2025-39975

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 October 2025

What is CVE-2025-39975?

A vulnerability has been identified in the Linux kernel's SMB client, specifically in the smb2_compound_op() function. The issue arises from improper indexing when accessing response buffers during command processing. As a result, this can lead to incorrect handling of command results and could potentially allow for out-of-bounds accesses if the index is incorrectly computed to be greater than or equal to MAX_COMPOUND. This flaw underscores the importance of proper index management in ensuring the integrity and security of system operations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 5ddcc9e92d54548219985ce4de88618fb53e14ec

Linux efe8db3ecaa40a8520dc9a54283dcecd82ceea9c

Linux 3681c74d342db75b0d641ba60de27bf73e16e66b < 093615fc76063ea08d454ba86677ce64c736e806

References

https://git.kernel.org/stable/c/ba7bcfd52c66dd1c2dfa5142a...
https://git.kernel.org/stable/c/bfb1e2aad1fecef8320fd7133...
https://git.kernel.org/stable/c/093615fc76063ea08d454ba86...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.