SB2025100432 - Buffer overflow in Linux kernel smb server
Published: October 4, 2025
Security Bulletin ID
SB2025100432
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2025-39942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the recv_done() function in fs/smb/server/transport_rdma.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/196a3a7676d726ee67621ea2bf3b7815ac2685b4
- https://git.kernel.org/stable/c/9644798294c7287e65a7b26e35aa6d2ce3345bcc
- https://git.kernel.org/stable/c/c64b915bb3d9339adcae5db4be2c35ffbef5e615
- https://git.kernel.org/stable/c/d3cb3f209d35c44b7ee74f77ed27ebb28995b9ce
- https://git.kernel.org/stable/c/e1868ba37fd27c6a68e31565402b154beaa65df0