-

CVE-2025-39943

EPSS 0.02%
Veröffentlicht 04.10.2025 07:31:05
Zuletzt bearbeitet 06.10.2025 14:56:47
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer

If data_offset and data_length of smb_direct_data_transfer struct are
invalid, out of bounds issue could happen.
This patch validate data_offset and data_length field in recv_done.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 773fddf976d282ef059c36c575ddb81567acd6bc

Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206

Status affected

Version < bdaab5c6538e250a9654127e688ecbbeb6f771d5

Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206

Status affected

Version < eb0378dde086363046ed3d7db7f126fc3f76fd70

Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206

Status affected

Version < 8be498fcbd5b07272f560b45981d4b9e5a2ad885

Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206

Status affected

Version < 529b121b00a6ee3c88fb3c01b443b2b81f686d48

Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206

Status affected

Version < 5282491fc49d5614ac6ddcd012e5743eecb6a67c

Version 2ea086e35c3d726a3bacd0a971c1f02a50e98206

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.194

Status unaffected

Version <= 6.1.*

Version 6.1.154

Status unaffected

Version <= 6.6.*

Version 6.6.108

Status unaffected

Version <= 6.12.*

Version 6.12.49

Status unaffected

Version <= 6.16.*

Version 6.16.9

Status unaffected

Version <= *

Version 6.17

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.053

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/773fddf976d282ef059c36c575ddb81567acd6bc

https://git.kernel.org/stable/c/bdaab5c6538e250a9654127e688ecbbeb6f771d5

https://git.kernel.org/stable/c/eb0378dde086363046ed3d7db7f126fc3f76fd70

https://git.kernel.org/stable/c/8be498fcbd5b07272f560b45981d4b9e5a2ad885

https://git.kernel.org/stable/c/529b121b00a6ee3c88fb3c01b443b2b81f686d48

https://git.kernel.org/stable/c/5282491fc49d5614ac6ddcd012e5743eecb6a67c

https://nvd.nist.gov/vuln/detail/CVE-2025-39943

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-39943

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-39943

EUVD