| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100414-CVE-2025-39929-4308@gregkh> Date: Sat, 4 Oct 2025 09:33:14 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-39929: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on __kmem_cache_shutdown() The Linux kernel CVE team has assigned CVE-2025-39929 to this issue. Affected and fixed versions =========================== Issue introduced in 4.16 with commit f198186aa9bbd60fae7a2061f4feec614d880299 and fixed in 6.1.154 with commit 3d7c075c878ac844e33c43e506c2fa27ac7e9689 Issue introduced in 4.16 with commit f198186aa9bbd60fae7a2061f4feec614d880299 and fixed in 6.6.108 with commit e7b7a93879558e77d950f1ff9a6f3daa385b33df Issue introduced in 4.16 with commit f198186aa9bbd60fae7a2061f4feec614d880299 and fixed in 6.12.49 with commit 922338efaad63cfe30d459dfc59f9d69ff93ded4 Issue introduced in 4.16 with commit f198186aa9bbd60fae7a2061f4feec614d880299 and fixed in 6.16.9 with commit 0991418bf98f191d0c320bd25245fcffa1998c7e Issue introduced in 4.16 with commit f198186aa9bbd60fae7a2061f4feec614d880299 and fixed in 6.17 with commit daac51c7032036a0ca5f1aa419ad1b0471d1c6e0 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-39929 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/smb/client/smbdirect.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/3d7c075c878ac844e33c43e506c2fa27ac7e9689 https://git.kernel.org/stable/c/e7b7a93879558e77d950f1ff9a6f3daa385b33df https://git.kernel.org/stable/c/922338efaad63cfe30d459dfc59f9d69ff93ded4 https://git.kernel.org/stable/c/0991418bf98f191d0c320bd25245fcffa1998c7e https://git.kernel.org/stable/c/daac51c7032036a0ca5f1aa419ad1b0471d1c6e0
Powered by blists - more mailing lists