Wiz
Vulnerability DatabaseCVE-2025-39942

CVE-2025-39942
CBL Mariner vulnerability analysis and mitigation

Overview

CVE-2025-39942 is a vulnerability discovered in the Linux kernel, specifically affecting the ksmbd SMBDirect implementation. The vulnerability was disclosed on October 4, 2025, and involves improper validation of remaining_data_length against max_fragmented_recv_size in the SMBDirect protocol handling (NVD, RedHat).

Technical details

The vulnerability relates to the verification of remaining_data_length in relation to max_fragmented_recv_size within the ksmbd SMBDirect implementation. This issue was inspired by similar checks for data_offset + data_length validation. The vulnerability has been assigned a CVSS v3.1 base score with the vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating a score of 5.5 (RedHat).

Impact

Based on the CVSS scoring, the vulnerability has potential impact on system availability (High), while maintaining no direct impact on confidentiality or integrity. The local attack vector and low complexity suggest that exploitation could lead to system resource exhaustion or denial of service conditions (RedHat).

Mitigation and workarounds

The vulnerability has been resolved in the Linux kernel through patches. Multiple Ubuntu releases including 25.04 plucky, 24.04 LTS noble, and 22.04 LTS jammy have been marked as vulnerable and require updates (Ubuntu).

Additional resources

SourceThis report was generated using AI

Related CBL Mariner vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-68973HIGH7
  • NixOSNixOS
  • gnupg2-gpg-agent-debuginfo
NoYesDec 28, 2025
CVE-2025-13699HIGH7
  • MariaDB ServerMariaDB Server
  • mariadb-pam
NoYesDec 23, 2025
CVE-2025-68972MEDIUM4.7
  • NixOSNixOS
  • gnupg2-wks
NoYesDec 27, 2025
CVE-2025-11961LOW1.9
  • CBL MarinerCBL Mariner
  • libpcap1
NoYesDec 31, 2025
CVE-2025-68343N/AN/A
  • Linux KernelLinux Kernel
  • kernel-rt-64k-debug-kvm
NoYesDec 23, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo