Security Advisory

CVE-2025-39943

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-04 07:31:05
Last updated 2026-05-11 21:39:25
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer If data_offset and data_length of smb_direct_data_transfer struct are invalid, out of bounds issue could happen. This patch validate data_offset and data_length field in recv_done.