U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2025-39943 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer If data_offset and data_length of smb_direct_data_transfer struct are invalid, out of bounds issue could happen. This patch validate data_offset and data_length field in recv_done.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/5282491fc49d5614ac6ddcd012e5743eecb6a67c kernel.org
https://git.kernel.org/stable/c/529b121b00a6ee3c88fb3c01b443b2b81f686d48 kernel.org
https://git.kernel.org/stable/c/773fddf976d282ef059c36c575ddb81567acd6bc kernel.org
https://git.kernel.org/stable/c/8be498fcbd5b07272f560b45981d4b9e5a2ad885 kernel.org
https://git.kernel.org/stable/c/bdaab5c6538e250a9654127e688ecbbeb6f771d5 kernel.org
https://git.kernel.org/stable/c/eb0378dde086363046ed3d7db7f126fc3f76fd70 kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2025-39943
NVD Published Date:
10/04/2025
NVD Last Modified:
10/04/2025
Source:
kernel.org