CVE-2025-39836
BaseFortify
Publication date: 2025-09-16
Last updated on: 2025-12-01
Assigner: kernel.org
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 6.8 (inc) to 6.12.45 (exc) |
| linux | linux_kernel | From 6.13 (inc) to 6.16.5 (exc) |
| linux | linux_kernel | 6.17 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves an incorrect buffer allocation method in the Linux kernel's EFI subsystem. Specifically, the function setup_mm_hdr() allocates a communication buffer using kmalloc(), which does not guarantee contiguous memory pages. However, the buffer is later passed to tee_shm_register_kernel_buf(), which expects contiguous pages. This mismatch can lead to memory corruption or kernel bugs. The issue was fixed by changing the allocation method to alloc_pages_exact(), which ensures contiguous pages.
How can this vulnerability impact me?
The vulnerability can cause various memory corruptions or kernel bugs, potentially leading to system instability, crashes, or unexpected behavior in systems running the affected Linux kernel versions.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version that includes the fix replacing kmalloc() with alloc_pages_exact() in the efi: stmm component. This ensures proper buffer allocation and prevents potential corruptions or BUGs.
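To decide which hosts need the update, the affected ranges from the table above can be checked against a `uname -r` string. The following is an added example, not code from the kernel project or this database; the function names and status labels are assumptions. It compares version numbers only, and a distribution kernel may carry the fix as a backport under an older version number, so treat "affected" as a prompt to check the vendor's advisory.

```python
import re

# Affected ranges copied from the page's "Affected Vendors & Products" table:
# (first affected version, first fixed version); the upper bound is exclusive.
AFFECTED_RANGES = [
    ((6, 8, 0), (6, 12, 45)),
    ((6, 13, 0), (6, 16, 5)),
]
# The page also lists "6.17" with no range or pre-release detail, so a 6.17.0
# build is reported for manual review instead of being called affected.
LISTED_WITHOUT_RANGE = (6, 17, 0)


def parse_release(release):
    """Turn a `uname -r` style string into (major, minor, patch), or None."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def classify(release):
    """Return 'affected', 'review', 'not-listed' or 'unparsed' (labels are this example's own)."""
    version = parse_release(release)
    if version is None:
        return "unparsed"
    for first_bad, first_fixed in AFFECTED_RANGES:
        if first_bad <= version < first_fixed:
            return "affected"
    if version == LISTED_WITHOUT_RANGE:
        return "review"
    return "not-listed"


if __name__ == "__main__":
    import platform

    # On a Linux host platform.release() returns the same string as `uname -r`.
    release = platform.release()
    print(release, "->", classify(release))
```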