CVE-2025-39933

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's SMB client implementation. Specifically, the recv done function did not adequately verify data offset, data length, and remaining data length. This issue is related to server-side fixes addressing similar problems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2026:0759

ALSA-2026:0760

ALSA-2026:0793

ALSA-2026:2282

BDU:2026-04494

CVE-2025-39933

ECHO-5456-532E-B855

RHSA-2026:0759

RHSA-2026:0760

RHSA-2026:0793

RHSA-2026:1727

RHSA-2026:2282

RHSA-2026:2759

RHSA-2026:2766

RHSA-2026:3267

RHSA-2026:3268

RHSA-2026:3277

RHSA-2026:3293

RHSA-2026:3358

RHSA-2026:3360

RHSA-2026:3375

Affected Products

Debian

Linux Kernel

Rocky Linux

CVE-2025-39933

Weakness Enumeration

Related Identifiers

Affected Products

References · 74