CVE-2025-39719
BaseFortify
Publication date: 2025-09-05
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vendor | linux | 6.1.153-1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds (OOB) array access issue in the Linux kernel's bno055 driver. Specifically, in the function bno055_get_regmask(), the code iterates over the hw_xlate array using the length of a different array (vals), which can be larger. This mismatch can cause the code to access memory beyond the bounds of the hw_xlate array, potentially leading to undefined behavior or crashes. The fix involved adding a new hw_xlate_len field to ensure the iteration uses the correct array length.
How can this vulnerability impact me?
This vulnerability could lead to out-of-bounds memory access in the Linux kernel, which might cause system instability, crashes, or potentially allow an attacker to exploit the kernel for further malicious actions. However, in practice, the issue is unlikely to occur because the code is designed to break out of the loop once a match is found, preventing iteration beyond the array's end.
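The loop-bound mismatch described in the two answers above, sketched in C as an added example. It is not the kernel's bno055 code: the struct layout, the function names, the len field and the sample arrays are assumptions made for illustration, and only vals, hw_xlate and hw_xlate_len are names taken from this page.

```c
#include <stddef.h>
#include <stdio.h>
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* Simplified stand-in for the driver's attribute table (assumed layout). */
struct xlate_attr {
    const int *vals;      /* user-visible values */
    size_t len;           /* entries in vals */
    const int *hw_xlate;  /* register encodings; may be shorter than vals */
    size_t hw_xlate_len;  /* entries in hw_xlate (the field the fix adds) */
};

/* Before: bounded by len, the size of the other array. A value that is
 * not found walks past the end of hw_xlate when len > hw_xlate_len. */
static int lookup_before(const struct xlate_attr *a, int hwval)
{
    for (size_t i = 0; i < a->len; i++)
        if (a->hw_xlate[i] == hwval)
            return (int)i;   /* the early exit usually hides the bug */
    return -1;
}

/* After: bounded by the length of the array actually being indexed. */
static int lookup_after(const struct xlate_attr *a, int hwval)
{
    for (size_t i = 0; i < a->hw_xlate_len; i++)
        if (a->hw_xlate[i] == hwval)
            return (int)i;
    return -1;
}

/* How many indices beyond hw_xlate the old bound would allow. */
static size_t overread_window(const struct xlate_attr *a)
{
    return a->len > a->hw_xlate_len ? a->len - a->hw_xlate_len : 0;
}

/* Constructed sample data: six values, four encodings. */
static const int sample_vals[] = { 2, 4, 8, 16, 32, 64 };
static const int sample_xlate[] = { 0, 1, 2, 3 };
static const struct xlate_attr sample = {
    sample_vals, COUNT(sample_vals), sample_xlate, COUNT(sample_xlate)
};

int main(void)
{
    /* 3 is present, so the old loop stops in bounds; 7 is only asked of the fix. */
    printf("%d %d %zu\n", lookup_before(&sample, 3),
           lookup_after(&sample, 7), overread_window(&sample));
    return 0;
}
```

Building the unfixed variant with -fsanitize=address and passing it a value absent from hw_xlate is a quick way to confirm the over-read in a test harness.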