SB20250916340 - Resource management error in Linux kernel smb client
Published: September 16, 2025
Security Bulletin ID
SB20250916340
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2025-39819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smb2_compound_op() function in fs/smb/client/smb2inode.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3fc11ff13fbc2749871d6ac2141685cf54699997
- https://git.kernel.org/stable/c/4191ea1f0bb3e27d65c5dcde7bd00e709ec67141
- https://git.kernel.org/stable/c/4735f5991f51468b85affb8366b7067248457a71
- https://git.kernel.org/stable/c/ab529e6ca1f67bcf31f3ea80c72bffde2e9e053e
- https://git.kernel.org/stable/c/cc82c6dff548f0066a51a6e577c7454e7d26a968