CVE-2025-39888

Published: Sep 23, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fuse_dev_do_write. When the number of bytes to be retrieved is truncated to the upper limit by fc->max_pages and there is an offset, the oob is triggered. Add a loop termination condition to prevent overruns.

Vendor	Product	Versions
Linux	Linux	affected `3568a956932621cafadafc8b75fcf6dc06555105 - < 623719227b114d73a2cee45f1b343ced63ce09ec` affected `3568a956932621cafadafc8b75fcf6dc06555105 - < 9d81ba6d49a7457784f0b6a71046818b86ec7e44`
Linux	Linux	affected `6.16` unaffected `0 - < 6.16` unaffected `6.16.8 - <= 6.16.` unaffected `6.17 - <= `

References

https://git.kernel.org/stable/c/623719227b114d73a2cee45f1b343ced63ce09ec

https://git.kernel.org/stable/c/9d81ba6d49a7457784f0b6a71046818b86ec7e44

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39888

Description

Affected Products

References