CVE-2025-39680
BaseFortify
Publication date: 2025-09-05
Last updated on: 2025-11-25
Assigner: kernel.org
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This is an out-of-bounds read (CWE-125) in the Linux kernel's i2c-rtl9300 driver, the I2C/SMBus controller driver for Realtek RTL9300-family switch SoCs. In an SMBus block transfer, data->block[0] carries the byte count and data->block[1..] the payload, and the block buffer holds at most I2C_SMBUS_BLOCK_MAX (32) payload bytes. When the request comes from user space through the i2c-dev ioctl, block[0] is copied as supplied; the I2C core only bounds the count on its emulated (i2c_transfer-based) path, so a driver that implements smbus_xfer natively must validate it itself. rtl9300_i2c_smbus_xfer used the count as a transfer length without such a check, so a value larger than the buffer made the transfer loop read past the end of the block. The fix adds a bound check on data->block[0] before it is used as a length.
How can this vulnerability impact me?
Because the count is used as a read length, an oversized block[0] makes the driver read kernel memory beyond the 34-byte block buffer: whatever follows it is treated as payload (for a block write, clocked out onto the I2C bus), and a large enough count can reach unmapped memory and crash the kernel. The page classifies the flaw as CWE-125, an out-of-bounds read; arbitrary code execution or privilege escalation is not implied by that class and is not supported by the page. Reaching the bug requires issuing SMBus block transfers to the rtl9300 controller, in practice open access to its /dev/i2c-* node (root-only by default) or an in-kernel consumer that forwards an untrusted length, and it only matters on hardware that uses this driver.
What immediate steps should I take to mitigate this vulnerability?
Update to a kernel that contains the fix for rtl9300_i2c_smbus_xfer, which validates data->block[0] before it is used (the page lists commit 39244cc75482; check your distribution's kernel changelog for the backport rather than relying on the version number alone). Until the kernel is updated, keep the /dev/i2c-* node for the rtl9300 controller restricted to root (the default permissions) or do not load i2c-dev where no user-space tooling needs it; the flaw is reachable only through SMBus block transfers to that controller.
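To make the explanation and the fix concrete, here is a simplified, user-space model of the two patterns in C. It is an added example written for this page, not the i2c-rtl9300 driver's code or the patch: block_write_unchecked trusts block[0] as the payload length the way the pre-fix path did, block_write_checked rejects counts above I2C_SMBUS_BLOCK_MAX before using them, and the "neighbour" bytes after the block are a constructed stand-in for whatever follows the buffer in kernel memory. The function names, the mem_len backstop (present only so the demo stays inside its own buffer) and the sample request are assumptions, not taken from the driver.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Same value as I2C_SMBUS_BLOCK_MAX in <linux/i2c.h>. block[] in
 * union i2c_smbus_data is I2C_SMBUS_BLOCK_MAX + 2 bytes:
 * [0] = count, [1..] = payload, plus one spare byte. */
#define BLOCK_MAX   32
#define BLOCK_BYTES (BLOCK_MAX + 2)

/* Constructed "kernel memory" image: the SMBus block sits at offset 0
 * and is followed by unrelated data that an over-long count exposes. */
#define NEIGHBOUR_BYTES 256
#define MEM_BYTES (BLOCK_BYTES + NEIGHBOUR_BYTES)

/* Vulnerable pattern (hypothetical model of the pre-fix behaviour, not
 * the driver's code): use block[0] as the payload length unchecked.
 * Copies block[1..count] to `bus`, the bytes that would be clocked out
 * to the I2C device. Returns bytes sent or -errno. The mem_len test is
 * a demo-only backstop; the real driver has no such guard. */
static int block_write_unchecked(const uint8_t *mem, size_t mem_len,
                                 uint8_t *bus, size_t bus_len)
{
    size_t count = mem[0];                       /* data->block[0] */
    if (count > bus_len || 1 + count > mem_len)  /* demo backstop only */
        return -EFAULT;
    for (size_t i = 0; i < count; i++)
        bus[i] = mem[1 + i];   /* reads past BLOCK_BYTES once count > 32 */
    return (int)count;
}

/* Hardened pattern: reject a count the block buffer cannot hold before
 * it is ever used as a length. */
static int block_write_checked(const uint8_t *mem, size_t mem_len,
                               uint8_t *bus, size_t bus_len)
{
    size_t count = mem[0];
    if (count > BLOCK_MAX)
        return -EINVAL;
    if (count > bus_len || 1 + count > mem_len)  /* demo backstop only */
        return -EFAULT;
    for (size_t i = 0; i < count; i++)
        bus[i] = mem[1 + i];
    return (int)count;
}

/* Constructed request: payload bytes 0xAA, the given count in block[0],
 * and a recognisable 'A'..'Z' pattern in the neighbour region. */
static void build_request(uint8_t mem[MEM_BYTES], uint8_t count)
{
    memset(mem, 0xAA, BLOCK_BYTES);
    mem[0] = count;
    for (size_t i = 0; i < NEIGHBOUR_BYTES; i++)
        mem[BLOCK_BYTES + i] = (uint8_t)('A' + (i % 26));
}

/* Run one request through the chosen path; returns bytes sent or -errno.
 * `bus` must have room for 256 bytes. */
static int run_request(int checked, uint8_t count, uint8_t *bus)
{
    uint8_t mem[MEM_BYTES];
    build_request(mem, count);
    return checked ? block_write_checked(mem, sizeof mem, bus, 256)
                   : block_write_unchecked(mem, sizeof mem, bus, 256);
}

/* Bytes the unchecked path pushed onto the bus from beyond the block
 * buffer (the payload occupies block[1..33], so anything after the
 * 33rd byte sent came from neighbouring memory). */
static int leaked_bytes(uint8_t count)
{
    uint8_t bus[256];
    int n = run_request(0, count, bus);
    return n > BLOCK_BYTES - 1 ? n - (BLOCK_BYTES - 1) : 0;
}

int main(void)
{
    uint8_t bus[256];
    int n = run_request(0, 200, bus);
    printf("unchecked, count 200: sent %d bytes, %d from beyond the block; "
           "first leaked byte '%c'\n", n, leaked_bytes(200), bus[BLOCK_BYTES - 1]);
    printf("checked,   count 200: %d (-EINVAL is %d)\n",
           run_request(1, 200, bus), -EINVAL);
    printf("checked,   count 32:  sent %d bytes\n", run_request(1, 32, bus));
    return 0;
}
```

With a count of 200 the unchecked path sends 167 bytes that never belonged to the request, starting with the first byte after the block buffer; the checked path refuses the same request with -EINVAL and still accepts the largest legal block of 32 bytes. The one-line bound check is the whole difference, which is why the count must be validated wherever it enters the driver rather than assumed safe because the in-kernel SMBus helpers cap it.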