CVE-2025-39943 | Linux Kernel up to 5.15.193/6.1.153/6.6.107/6.12.48/6.16.8 ksmbd recv_done data_offset/data_length out-of-bounds

October 4, 2025 Yanac

A vulnerability was found in Linux Kernel up to 5.15.193/6.1.153/6.6.107/6.12.48/6.16.8. It has been rated as critical. This vulnerability affects the function recv_done of the component ksmbd. Performing manipulation of the argument data_offset/data_length results in out-of-bounds read.

This vulnerability was named CVE-2025-39943. The attack needs to be approached within the local network. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More