Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer If data_offset and data_length of smb_direct_data_transfer struct are invalid, out of bounds issue could happen. This patch validate data_offset and data_length field in recv_done.

INFO

Published Date :

2025-10-04T07:31:05.581Z

Last Modified :

2025-10-04T07:37:03.203Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-39943 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-39943.

URL Resource
https://git.kernel.org/stable/c/5282491fc49d5614ac6ddcd012e5743eecb6a67c cve-icon cve-icon
https://git.kernel.org/stable/c/529b121b00a6ee3c88fb3c01b443b2b81f686d48 cve-icon cve-icon
https://git.kernel.org/stable/c/773fddf976d282ef059c36c575ddb81567acd6bc cve-icon cve-icon
https://git.kernel.org/stable/c/8be498fcbd5b07272f560b45981d4b9e5a2ad885 cve-icon cve-icon
https://git.kernel.org/stable/c/bdaab5c6538e250a9654127e688ecbbeb6f771d5 cve-icon cve-icon
https://git.kernel.org/stable/c/eb0378dde086363046ed3d7db7f126fc3f76fd70 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025100419-CVE-2025-39943-f5d8@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-39943 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-39943 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact