CVE-2025-39723Out-of-bounds Write in Linux

CWE-787Out-of-bounds WriteCWE-476NULL Pointer Dereference5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 97.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 5

Description

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector doesn't update the stream->transferred value and it retains its initial LONG_MAX value. Unfortunately, if all active streams fail, then we take the smallest value of { LONG_MAX, LONG_MAX, ... } as the value to set in wreq->transferred - which is then returned from ->write_iter(). LONG_MAX was chosen a

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel6.106.12.44+2
Debianlinux/linux_kernel< 6.12.48-1+1
CVEListV5linux/linux288ace2f57c9d06dd2e42bd80d03747d879a4068f08c80af3c9a9849cd178b4843b7c01d103506a1+3
debiandebian/linux< linux 6.16.5-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-6r55-jr8w-3x3r: In the Linux kernel, the following vulnerability has been resolved: netfs: Fix unbuffered write error handling If all the subrequests in an unbuffer2025-09-05
OSV
CVE-2025-39723: In the Linux kernel, the following vulnerability has been resolved: netfs: Fix unbuffered write error handling If all the subrequests in an unbuffered2025-09-05

📋Vendor Advisories

2
Red Hat
kernel: netfs: Fix unbuffered write error handling2025-09-05
Debian
CVE-2025-39723: linux - In the Linux kernel, the following vulnerability has been resolved: netfs: Fix ...2025
CVE-2025-39723 — Out-of-bounds Write in Linux | cvebase