CVE-2025-39943

EUVD-2025-32382
In the Linux kernel, the following vulnerability has been resolved:

ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer

If data_offset and data_length of smb_direct_data_transfer struct are
invalid, out of bounds issue could happen.
This patch validate data_offset and data_length field in recv_done.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.15.1 ≤
𝑥
< 5.15.194
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.154
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.108
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.49
linuxlinux_kernel
6.13 ≤
𝑥
< 6.16.9
linuxlinux_kernel
5.15
linuxlinux_kernel
5.15:rc7
linuxlinux_kernel
6.17:rc1
linuxlinux_kernel
6.17:rc2
linuxlinux_kernel
6.17:rc3
linuxlinux_kernel
6.17:rc4
linuxlinux_kernel
6.17:rc5
linuxlinux_kernel
6.17:rc6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/5282491fc49d5614ac6ddcd012e5743eecb6a67c
https://git.kernel.org/stable/c/529b121b00a6ee3c88fb3c01b443b2b81f686d48
https://git.kernel.org/stable/c/773fddf976d282ef059c36c575ddb81567acd6bc
https://git.kernel.org/stable/c/8be498fcbd5b07272f560b45981d4b9e5a2ad885
https://git.kernel.org/stable/c/bdaab5c6538e250a9654127e688ecbbeb6f771d5
https://git.kernel.org/stable/c/eb0378dde086363046ed3d7db7f126fc3f76fd70