CVE Catalog

CVE-2025-39929

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A vulnerability in the Linux kernel related to a memory leak in the smbd_negotiate() function during error handling for SMB client has been resolved.

Risk Assessment

Exploitation of this vulnerability may lead to memory leaks, potentially affecting system stability over time.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on __kmem_cache_shutdown()

Vulnerability data from NVD (NIST) · CISA KEV · EPSS