Vulnerability Database

319,561

Total vulnerabilities in the database

CVE-2025-39975

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix wrong index reference in smb2_compound_op()

In smb2_compound_op(), the loop that processes each command's response uses wrong indices when accessing response bufferes.

This incorrect indexing leads to improper handling of command results. Also, if incorrectly computed index is greather than or equal to MAX_COMPOUND, it can cause out-of-bounds accesses.

Published: Oct 15, 2025
Updated: Nov 17, 2025
CVE: CVE-2025-39975
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://git.kernel.org/stable/c/093615fc76063ea08d454ba86677ce64c736e806
https://git.kernel.org/stable/c/ba7bcfd52c66dd1c2dfa5142aca7e4a70b62dfa5
https://git.kernel.org/stable/c/bfb1e2aad1fecef8320fd71332acde0d53a8d699
https://git.kernel.org/stable/c/fbe2dc6a9c7318f7263f5e4d50f6272b931c5756

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo