Unrated severityNVD Advisory· Published Sep 23, 2025· Updated Jan 14, 2026

fuse: Block access to folio overlimit

CVE-2025-39888

Description

In the Linux kernel, the following vulnerability has been resolved:

syz reported a slab-out-of-bounds Write in fuse_dev_do_write.

When the number of bytes to be retrieved is truncated to the upper limit by fc->max_pages and there is an offset, the oob is triggered.

Add a loop termination condition to prevent overruns.

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

No linked articles in our index yet.