CVE-2025-39975

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Linux kernel’s SMB client implementation within the smb2 compound op() function. The function incorrectly handles indexing when processing responses for commands, leading to improper handling of command results. Specifically, the loop processing command responses uses incorrect indices when accessing response buffers. If the computed index is greater than or equal to MAX COMPOUND, it can result in out-of-bounds access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.