Skip to main content

Linux CVE-2025-39819

MEDIUM
2025-09-16 416baaa9-dc9f-4396-8d5f-8c081fb06d67
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 28, 2026 - 19:12 vuln.today
Patch released
Mar 28, 2026 - 19:12 nvd
Patch available
CVE Published
Sep 16, 2025 - 13:15 nvd
MEDIUM 5.5

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

fs/smb: Fix inconsistent refcnt update

A possible inconsistent update of refcount was identified in smb2_compound_op. Such inconsistent update could lead to possible resource leaks.

Why it is a possible bug:

  1. In the comment section of the function, it clearly states that the

reference to cfile should be dropped after calling this function.

  1. Every control flow path would check and drop the reference to

cfile, except the patched one.

  1. Existing callers would not handle refcount update of cfile if

-ENOMEM is returned.

To fix the bug, an extra goto label "out" is added, to make sure that the cleanup logic would always be respected. As the problem is caused by the allocation failure of vars, the cleanup logic between label "finished" and "out" can be safely ignored. According to the definition of function is_replayable_error, the error code of "-ENOMEM" is not recoverable. Therefore, the replay logic also gets ignored.

AnalysisAI

In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2_compound_op. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Technical ContextAI

In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2_compound_op. Such inconsistent update could lead to possible resource leaks. Why it is a possible bug: 1. In the comment section of the function, it clearly states that the reference to cfile should be dropped after calling this function. 2. Every control flow path would check and drop the reference to cfile, except the patched one. 3. Existing callers would not handle refcount update of cfile if -ENOMEM is returned. To fix the bug, an extra goto label "out" is added, to make sure that the cleanup logic would always be respected. As the problem is caused by the allocation failure of vars, the cleanup logic between label "finished" and "out" can be safely ignored. According to the definition of function is_replayable_error, the error code of "-ENOMEM" is not recoverable. Therefore, the replay logic also gets ignored. Affected products include: Linux Linux Kernel, Debian Debian Linux.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
Container suse/sl-micro/6.0/baremetal-os-container:latest Container suse/sl-micro/6.1/baremetal-os-container:2.2.0-5.2 Affected
Container suse/sl-micro/6.0/base-os-container:2.1.3-7.95 Container suse/sl-micro/6.1/base-os-container:2.2.1-5.80 Affected
Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.114 Container suse/sl-micro/6.1/kvm-os-container:2.2.1-5.82 Affected
Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.116 Container suse/sl-micro/6.1/rt-os-container:2.2.1-5.55 Affected
Image SL-Micro-Azure Image SL-Micro-BYOS-Azure Image SL-Micro-BYOS-GCE Image SLE-Micro-Azure Image SLE-Micro-BYOS-Azure Image SLE-Micro-BYOS-GCE Image SLE-Micro-GCE Image SUSE-Multi-Linux-Manager-Proxy-BYOS-Azure Image SUSE-Multi-Linux-Manager-Proxy-BYOS-GCE Image SUSE-Multi-Linux-Manager-Server-Azure-llc Image SUSE-Multi-Linux-Manager-Server-BYOS-Azure Image SUSE-Multi-Linux-Manager-Server-BYOS-GCE Affected

Share

CVE-2025-39819 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy