CVE-2025-39929

MEDIUM

Linux Kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on __kmem_cache_shutdown()

References (5)

[Patch] https://git.kernel.org/stable/c/0991418bf98f191d0c320bd25245fcffa1998c7e

[Patch] https://git.kernel.org/stable/c/3d7c075c878ac844e33c43e506c2fa27ac7e9689

[Patch] https://git.kernel.org/stable/c/922338efaad63cfe30d459dfc59f9d69ff93ded4

[Patch] https://git.kernel.org/stable/c/daac51c7032036a0ca5f1aa419ad1b0471d1c6e0

[Patch] https://git.kernel.org/stable/c/e7b7a93879558e77d950f1ff9a6f3daa385b33df

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 3.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status draft

Affected Products (11)

linux/linux_kernel < 6.1.154

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/Kernel < 6.1.154linux

linux/Kernel < 6.6.108linux

linux/Kernel < 6.12.49linux

linux/Kernel < 6.16.9linux

Timeline

Published Oct 04, 2025

Tracked Since Feb 18, 2026