Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2_compound_op() In smb2_compound_op(), the loop that processes each command's response uses wrong indices when accessing response bufferes. This incorrect indexing leads to improper handling of command results. Also, if incorrectly computed index is greather than or equal to MAX_COMPOUND, it can cause out-of-bounds accesses.
References
- https://git.kernel.org/stable/c/093615fc76063ea08d454ba86677ce64c736e806
- https://git.kernel.org/stable/c/ba7bcfd52c66dd1c2dfa5142aca7e4a70b62dfa5
- https://git.kernel.org/stable/c/bfb1e2aad1fecef8320fd71332acde0d53a8d699
- https://git.kernel.org/stable/c/fbe2dc6a9c7318f7263f5e4d50f6272b931c5756
FAQ
What is CVE-2025-39975?
CVE-2025-39975 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2_compound_op() In smb2_compound_op(), the loop that processes each command's respons...
How severe is CVE-2025-39975?
CVSS scoring is not yet available for CVE-2025-39975. Check NVD for updates.
Is there a patch for CVE-2025-39975?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.