CVE-2025-39778

Опубликовано: 18 апр. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show()

The csts_state_names[] array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show() iterates seven, resulting in a potential out-of-bounds stack read. Fix that.

Fixes the following warning with an UBSAN kernel:

vmlinux.o: warning: objtool: .text.nvmet_ctrl_state_show: unexpected end of section

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.11 (включая) до 6.12.23 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.13 (включая) до 6.13.11 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.14 (включая) до 6.14.2 (исключая)

EPSS

Процентиль: 2%

0.00015

Низкий

7.1 High

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVE-2025-39778

CVSS3: 7.1

ubuntu

2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show() The csts_state_names[] array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show() iterates seven, resulting in a potential out-of-bounds stack read. Fix that. Fixes the following warning with an UBSAN kernel: vmlinux.o: warning: objtool: .text.nvmet_ctrl_state_show: unexpected end of section

CVE-2025-39778

CVSS3: 7.1

redhat

2 месяца назад

CVE-2025-39778

CVSS3: 7.1

debian

2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: o ...

GHSA-2h4h-cj8f-67g5

CVSS3: 7.1

github

2 месяца назад

EPSS

Процентиль: 2%

0.00015

Низкий

7.1 High

CVSS3

Дефекты

CWE-125