-

CVE-2025-39943

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer

If data_offset and data_length of smb_direct_data_transfer struct are
invalid, out of bounds issue could happen.
This patch validate data_offset and data_length field in recv_done.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < 773fddf976d282ef059c36c575ddb81567acd6bc
Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206
Status affected
Version < bdaab5c6538e250a9654127e688ecbbeb6f771d5
Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206
Status affected
Version < eb0378dde086363046ed3d7db7f126fc3f76fd70
Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206
Status affected
Version < 8be498fcbd5b07272f560b45981d4b9e5a2ad885
Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206
Status affected
Version < 529b121b00a6ee3c88fb3c01b443b2b81f686d48
Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206
Status affected
Version < 5282491fc49d5614ac6ddcd012e5743eecb6a67c
Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.15
Status affected
Version < 5.15
Version 0
Status unaffected
Version <= 5.15.*
Version 5.15.194
Status unaffected
Version <= 6.1.*
Version 6.1.154
Status unaffected
Version <= 6.6.*
Version 6.6.108
Status unaffected
Version <= 6.12.*
Version 6.12.49
Status unaffected
Version <= 6.16.*
Version 6.16.9
Status unaffected
Version <= *
Version 6.17
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.053
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String