CVE-2025-39794

MEDIUM EPSS 4.4%
Published Sep 12, 20259mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 12, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ARM: tegra: Use I/O memcpy to write to IRAM Kasan crashes the kernel trying to check boundaries when using the normal memcpy.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥3.4  –  <5.4.297
linuxlinux_kernel*≥5.5  –  <5.10.241
linuxlinux_kernel*≥5.11  –  <5.15.190
linuxlinux_kernel*≥5.16  –  <6.1.149
linuxlinux_kernel*≥6.2  –  <6.6.103
linuxlinux_kernel*≥6.7  –  <6.12.43
linuxlinux_kernel*≥6.13  –  <6.15.11
linuxlinux_kernel*≥6.16  –  <6.16.2
debiandebian_linux11.0any

References 12

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-032379.html
  • git.kernel.org https://git.kernel.org/stable/c/2499b0ac908eefbb8a217aae609b7a5b5174f330
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30ef45b89a5961cdecf907ecff1ef3374d1de510
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/387435f4833f97aabfd74434ee526e31e8a626ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/398e67e0f5ae04b29bcc9cbf342e339fe9d3f6f1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/46b3a7a3a36d5833f14914d1b95c69d28c6a76d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75a3bdfeed2f129a2c7d9fd7779382b78e35b014
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/96d6605bf0561d6e568b1dd9265a0f73b5b94f51
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9b0b3b5e5cae95e09bf0ae4a9bcb58d9b6d57f87
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b28c1a14accc79ead1e87bbdae53309da60be1e7
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Third Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2499b0ac908eefbb8a217aae609b7a5b5174f330
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/30ef45b89a5961cdecf907ecff1ef3374d1de510
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/387435f4833f97aabfd74434ee526e31e8a626ea
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/398e67e0f5ae04b29bcc9cbf342e339fe9d3f6f1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/46b3a7a3a36d5833f14914d1b95c69d28c6a76d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75a3bdfeed2f129a2c7d9fd7779382b78e35b014
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/96d6605bf0561d6e568b1dd9265a0f73b5b94f51
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9b0b3b5e5cae95e09bf0ae4a9bcb58d9b6d57f87
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b28c1a14accc79ead1e87bbdae53309da60be1e7
    Patch