CVE-2025-39975

Published: Oct 15, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2_compound_op() In smb2_compound_op(), the loop that processes each command's response uses wrong indices when accessing response bufferes. This incorrect indexing leads to improper handling of command results. Also, if incorrectly computed index is greather than or equal to MAX_COMPOUND, it can cause out-of-bounds accesses.

Vendor	Product	Versions
Linux	Linux	affected `5ddcc9e92d54548219985ce4de88618fb53e14ec - < ba7bcfd52c66dd1c2dfa5142aca7e4a70b62dfa5` affected `efe8db3ecaa40a8520dc9a54283dcecd82ceea9c - < bfb1e2aad1fecef8320fd71332acde0d53a8d699` affected `3681c74d342db75b0d641ba60de27bf73e16e66b - < 093615fc76063ea08d454ba86677ce64c736e806` affected `3681c74d342db75b0d641ba60de27bf73e16e66b - < fbe2dc6a9c7318f7263f5e4d50f6272b931c5756` affected `77aefd1d9b790f60634adebbdcfffbe934f41c34` +3 more versions
Linux	Linux	affected `6.14` unaffected `0 - < 6.14` unaffected `6.6.109 - <= 6.6.` unaffected `6.12.50 - <= 6.12.` unaffected `6.16.10 - <= 6.16.*` +1 more versions

References

https://git.kernel.org/stable/c/ba7bcfd52c66dd1c2dfa5142aca7e4a70b62dfa5

https://git.kernel.org/stable/c/bfb1e2aad1fecef8320fd71332acde0d53a8d699

https://git.kernel.org/stable/c/093615fc76063ea08d454ba86677ce64c736e806

https://git.kernel.org/stable/c/fbe2dc6a9c7318f7263f5e4d50f6272b931c5756

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-39975

Description

Affected Products

References