Описание
In the Linux kernel, the following vulnerability has been resolved:
e1000e: fix heap overflow in e1000_set_eeprom
Fix a possible heap overflow in e1000_set_eeprom function by adding input validation for the requested length of the change in the EEPROM. In addition, change the variable type from int to size_t for better code practices and rearrange declarations to RCT.
In the Linux kernel, the following vulnerability has been resolved:
e1000e: fix heap overflow in e1000_set_eeprom
Fix a possible heap overflow in e1000_set_eeprom function by adding input validation for the requested length of the change in the EEPROM. In addition, change the variable type from int to size_t for better code practices and rearrange declarations to RCT.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-39898
- https://git.kernel.org/stable/c/0aec3211283482cfcdd606d1345e1f9acbcabd31
- https://git.kernel.org/stable/c/50a84d5c814039ad2abe2748aec3e89324a548a7
- https://git.kernel.org/stable/c/90fb7db49c6dbac961c6b8ebfd741141ffbc8545
- https://git.kernel.org/stable/c/99a8772611e2d7ec318be7f0f072037914a1f509
- https://git.kernel.org/stable/c/b370f7b1f470a8d5485cc1e40e8ff663bb55d712
- https://git.kernel.org/stable/c/b48adcacc34fbbc49046a7ee8a97839bef369c85
- https://git.kernel.org/stable/c/ce8829d3d44b8622741bccca9f4408bc3da30b2b
- https://git.kernel.org/stable/c/ea832ec0583e2398ea0c5ed8d902c923e16f53c4
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
A heap‑overflow vulnerability was discovered in the linux kernel e1000e driver’s e1000_set_eeprom() function, insufficient validation of the requested length for an EEPROM change could allow a local, low‑privilege user to trigger memory corruption (heap overflow). A local unprivileged user with access to the driver could exploit this flaw to cause memory corruption, potentially leading to confidentiality, integrity, and availability damage.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
