CVE-2025-39929

MEDIUM

Linux Kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on __kmem_cache_shutdown()

References (5)

[Patch] https://git.kernel.org/stable/c/0991418bf98f191d0c320bd25245fcffa1998c7e

[Patch] https://git.kernel.org/stable/c/3d7c075c878ac844e33c43e506c2fa27ac7e9689

[Patch] https://git.kernel.org/stable/c/922338efaad63cfe30d459dfc59f9d69ff93ded4

[Patch] https://git.kernel.org/stable/c/daac51c7032036a0ca5f1aa419ad1b0471d1c6e0

[Patch] https://git.kernel.org/stable/c/e7b7a93879558e77d950f1ff9a6f3daa385b33df

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 6.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (18)

linux/Kernel 4.16.0 - 6.1.154linux

linux/Kernel 6.13.0 - 6.16.9linux

linux/Kernel 6.2.0 - 6.6.108linux

linux/Kernel 6.7.0 - 6.12.49linux

Linux/Linux < 4.16

Linux/Linux 4.16

Linux/Linux 6.1.154 - 6.1.*

Linux/Linux 6.12.49 - 6.12.*

Linux/Linux 6.16.9 - 6.16.*

Linux/Linux 6.17

... and 8 more

Published Oct 04, 2025

Tracked Since Feb 18, 2026