CVE-2025-39907

MEDIUM EPSS 3.7%
Published Oct 1, 20259mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 1, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer Avoid below overlapping mappings by using a contiguous non-cacheable buffer. [ 4.077708] DMA-API: stm32_fmc2_nfc 48810000.nand-controller: cacheline tracking EEXIST, overlapping mappings aren't supported [ 4.089103] WARNING: CPU: 1 PID: 44 at kernel/dma/debug.c:568 add_dma_entry+0x23c/0x300 [ 4.097071] Modules linked in: [ 4.100101] CPU: 1 PID: 44 Comm: kworker/u4:2 Not tainted 6.1.82 #1 [ 4.106346] Hardware name: STMicroelectronics STM32MP257F VALID1 SNOR / MB1704 (LPDDR4 Power discrete) + MB1703 + MB1708 (SNOR MB1730) (DT) [ 4.118824] Workqueue: events_unbound deferred_probe_work_func [ 4.124674] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 4.131624] pc : add_dma_entry+0x23c/0x300 [ 4.135658] lr : add_dma_entry+0x23c/0x300 [ 4.139792] sp : ffff800009dbb490 [ 4.143016] x29: ffff800009dbb4a0 x28: 0000000004008022 x27: ffff8000098a6000 [ 4.150174] x26: 0000000000000000 x25: ffff8000099e7000 x24: ffff8000099e7de8 [ 4.157231] x23: 00000000ffffffff x22: 0000000000000000 x21: ffff8000098a6a20 [ 4.164388] x20: ffff000080964180 x19: ffff800009819ba0 x18: 0000000000000006 [ 4.171545] x17: 6361727420656e69 x16: 6c6568636163203a x15: 72656c6c6f72746e [ 4.178602] x14: 6f632d646e616e2e x13: ffff800009832f58 x12: 00000000000004ec [ 4.185759] x11: 00000000000001a4 x10: ffff80000988af58 x9 : ffff800009832f58 [ 4.192916] x8 : 00000000ffffefff x7 : ffff80000988af58 x6 : 80000000fffff000 [ 4.199972] x5 : 000000000000bff4 x4 : 0000000000000000 x3 : 0000000000000000 [ 4.207128] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000812d2c40 [ 4.214185] Call trace: [ 4.216605] add_dma_entry+0x23c/0x300 [ 4.220338] debug_dma_map_sg+0x198/0x350 [ 4.224373] __dma_map_sg_attrs+0xa0/0x110 [ 4.228411] dma_map_sg_attrs+0x10/0x2c [ 4.232247] stm32_fmc2_nfc_xfer.isra.0+0x1c8/0x3fc [ 4.237088] stm32_fmc2_nfc_seq_read_page+0xc8/0x174 [ 4.242127] nand_read_oob+0x1d4/0x8e0 [ 4.245861] mtd_read_oob_std+0x58/0x84 [ 4.249596] mtd_read_oob+0x90/0x150 [ 4.253231] mtd_read+0x68/0xac

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 13

VendorProductVersionRange
linuxlinux_kernel*≥5.1  –  <5.4.300
linuxlinux_kernel*≥5.5  –  <5.10.245
linuxlinux_kernel*≥5.11  –  <5.15.194
linuxlinux_kernel*≥5.16  –  <6.1.153
linuxlinux_kernel*≥6.2  –  <6.6.107
linuxlinux_kernel*≥6.7  –  <6.12.48
linuxlinux_kernel*≥6.13  –  <6.16.8
linuxlinux_kernel6.17any
linuxlinux_kernel6.17any
linuxlinux_kernel6.17any
linuxlinux_kernel6.17any
linuxlinux_kernel6.17any
debiandebian_linux11.0any

References 9

  • git.kernel.org https://git.kernel.org/stable/c/06d8ef8f853752fea88c8d5bb093a40e71b330cf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/26adba1e7d7924174e15a3ba4b1132990786300b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/513c40e59d5a414ab763a9c84797534b5e8c208d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75686c49574dd5f171ca682c18717787f1d8d55e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dc1c6e60993b93b87604eb11266ac72e1a3be9e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dfe2ac47a6ee0ab50393694517c54ef1e276dda3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e32a2ea52b51368774d014e5bcd9b86110a2b727
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6fd98d961fa6f97347cead4f08ed862cbbb91ff
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
    Mailing ListThird Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/06d8ef8f853752fea88c8d5bb093a40e71b330cf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/26adba1e7d7924174e15a3ba4b1132990786300b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/513c40e59d5a414ab763a9c84797534b5e8c208d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/75686c49574dd5f171ca682c18717787f1d8d55e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dc1c6e60993b93b87604eb11266ac72e1a3be9e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dfe2ac47a6ee0ab50393694517c54ef1e276dda3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e32a2ea52b51368774d014e5bcd9b86110a2b727
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f6fd98d961fa6f97347cead4f08ed862cbbb91ff
    Patch