VYPR
Unrated severityNVD Advisory· Published Sep 23, 2025· Updated Jan 14, 2026

fuse: Block access to folio overlimit

CVE-2025-39888

Description

In the Linux kernel, the following vulnerability has been resolved:

fuse: Block access to folio overlimit

syz reported a slab-out-of-bounds Write in fuse_dev_do_write.

When the number of bytes to be retrieved is truncated to the upper limit by fc->max_pages and there is an offset, the oob is triggered.

Add a loop termination condition to prevent overruns.

Affected products

2
  • Linux/Kernelllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 6.16

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.

CVE-2025-39888 · VYPR