-
CVE-2025-39836
- EPSS 0.02%
- Published 16.09.2025 13:08:52
- Last modified 17.09.2025 14:18:55
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved:
efi: stmm: Fix incorrect buffer allocation method
The communication buffer allocated by setup_mm_hdr() is later on passed
to tee_shm_register_kernel_buf(). The latter expects those buffers to be
contiguous pages, but setup_mm_hdr() just uses kmalloc(). That can cause
various corruptions or BUGs, specifically since commit 9aec2fb0fd5e
("slab: allocate frozen pages"), though it was broken before as well.
Fix this by using alloc_pages_exact() instead of kmalloc().Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
77ff27ff0e4529a003c8a1c2492c111968c378d3
Version
c44b6be62e8dd4ee0a308c36a70620613e6fc55f
Status
affected
Version <
630c0e6064daf84f17aad1a7d9ca76b562e3fe47
Version
c44b6be62e8dd4ee0a308c36a70620613e6fc55f
Status
affected
Version <
c5e81e672699e0c5557b2b755cc8f7a69aa92bff
Version
c44b6be62e8dd4ee0a308c36a70620613e6fc55f
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
6.8
Status
affected
Version <
6.8
Version
0
Status
unaffected
Version <=
6.12.*
Version
6.12.45
Status
unaffected
Version <=
6.16.*
Version
6.16.5
Status
unaffected
Version <=
*
Version
6.17-rc4
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.043 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|