Description

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fuse_dev_do_write. When the number of bytes to be retrieved is truncated to the upper limit by fc->max_pages and there is an offset, the oob is triggered. Add a loop termination condition to prevent overruns.

INFO

Published Date :

2025-09-23T06:00:54.156Z

Last Modified :

2026-01-14T19:33:13.183Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-39888 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-39888.

URL Resource
https://git.kernel.org/stable/c/623719227b114d73a2cee45f1b343ced63ce09ec cve-icon cve-icon
https://git.kernel.org/stable/c/9d81ba6d49a7457784f0b6a71046818b86ec7e44 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025092303-CVE-2025-39888-3c85@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-39888 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-39888 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact