High severity7.1NVD Advisory· Published Oct 4, 2025· Updated Apr 6, 2026
CVE-2025-39943
CVE-2025-39943
Description
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer
If data_offset and data_length of smb_direct_data_transfer struct are invalid, out of bounds issue could happen. This patch validate data_offset and data_length field in recv_done.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=5.15.1,<5.15.194
- cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.17:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.17:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.17:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.17:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.17:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.17:rc6:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
6- git.kernel.org/stable/c/5282491fc49d5614ac6ddcd012e5743eecb6a67cnvdPatch
- git.kernel.org/stable/c/529b121b00a6ee3c88fb3c01b443b2b81f686d48nvdPatch
- git.kernel.org/stable/c/773fddf976d282ef059c36c575ddb81567acd6bcnvdPatch
- git.kernel.org/stable/c/8be498fcbd5b07272f560b45981d4b9e5a2ad885nvdPatch
- git.kernel.org/stable/c/bdaab5c6538e250a9654127e688ecbbeb6f771d5nvdPatch
- git.kernel.org/stable/c/eb0378dde086363046ed3d7db7f126fc3f76fd70nvdPatch
News mentions
0No linked articles in our index yet.