Main Vulnerability Database Vulnerabilities #VU114901

#VU114901 Memory leak in Linux kernel - CVE-2025-39720

Published: September 8, 2025

Vulnerability identifier: #VU114901

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-39720

CWE-ID: CWE-401

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Linux kernel

Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the smb_send_parent_lease_break_noti(), smb_lazy_parent_lease_break_close() and smb_break_all_levII_oplock() functions in fs/smb/server/oplock.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's repository.

External links

https://git.kernel.org/stable/c/36e010bb865fbaa1202fe9bcce3fd486d6db7606
https://git.kernel.org/stable/c/89bb430f621124af39bb31763c4a8b504c9651e2
https://git.kernel.org/stable/c/9a7abce6e8c0e2145b346a6d4abf0d9655e9b0e8
https://git.kernel.org/stable/c/a1d2bab4d53368a526c97aba92671dd71814f95a

#VU114901 Memory leak in Linux kernel - CVE-2025-39720

Description

Remediation

External links

Please verify you're human