CVE-2025-39701

HIGH EPSS 6.8%
Published Sep 5, 202510mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Sep 5, 2025 10mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: pfr_update: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had a lower runtime version number than the current one. [ rjw: Changelog edits ]

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
6.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥5.17  –  <6.1.149
linuxlinux_kernel*≥6.2  –  <6.6.103
linuxlinux_kernel*≥6.7  –  <6.12.44
linuxlinux_kernel*≥6.13  –  <6.16.4
linuxlinux_kernel6.17any
linuxlinux_kernel6.17any
debiandebian_linux11.0any

References 7

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-032379.html
  • git.kernel.org https://git.kernel.org/stable/c/79300ff532bccbbf654992c7c0863b49a6c3973c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8151320c747efb22d30b035af989fed0d502176e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/908094681f645d3a78e18ef90561a97029e2df7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b00219888c11519ef75d988fa8a780da68ff568e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cf0a88124e357bffda487cbf3cb612bb97eb97e4
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Mailing ListThird Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/79300ff532bccbbf654992c7c0863b49a6c3973c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8151320c747efb22d30b035af989fed0d502176e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/908094681f645d3a78e18ef90561a97029e2df7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b00219888c11519ef75d988fa8a780da68ff568e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cf0a88124e357bffda487cbf3cb612bb97eb97e4
    Patch