CVE-2025-39714
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-05

Last updated on: 2025-11-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution while streaming When an program is streaming (ffplay) and another program (qv4l2) changes the TV standard from NTSC to PAL, the kernel crashes due to trying to copy to unmapped memory. Changing from NTSC to PAL increases the resolution in the usbtv struct, but the video plane buffer isn't adjusted, so it overflows. [hverkuil: call vb2_is_busy instead of vb2_is_streaming]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-05
Last Modified
2025-11-03
Generated
2026-05-27
AI Q&A
2025-09-05
EPSS Evaluated
2026-05-25
NVD
CVE-2025-39714
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux kernel 5.10.244-1
linux kernel 6.1.153-1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's usbtv media driver. When one program is streaming video (using ffplay) and another program (qv4l2) changes the TV standard from NTSC to PAL, the kernel crashes. This happens because changing from NTSC to PAL increases the resolution stored in the usbtv structure, but the video plane buffer size is not adjusted accordingly, leading to a buffer overflow and attempts to copy to unmapped memory.


How can this vulnerability impact me? :

The vulnerability can cause the Linux kernel to crash when switching TV standards during streaming, leading to system instability or denial of service. This could disrupt video streaming applications and potentially affect system availability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart