CVE-2025-39924

Опубликовано: 01 окт. 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix invalid algorithm for encoded extents

The current algorithm sanity checks do not properly apply to new encoded extents.

Unify the algorithm check with Z_EROFS_COMPRESSION(_RUNTIME)_MAX and ensure consistency with sbi->available_compr_algs.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.15 (включая) до 6.16.8 (исключая)

cpe:2.3:o:linux:linux_kernel:6.17:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.17:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.17:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.17:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.17:rc5:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00025

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2025-39924

CVSS3: 5.5

ubuntu

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with Z_EROFS_COMPRESSION(_RUNTIME)_MAX and ensure consistency with sbi->available_compr_algs.

CVE-2025-39924

CVSS3: 5.5

debian

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: e ...

GHSA-rx4q-q596-qrmv

CVSS3: 5.5

github

4 месяца назад

EPSS

Процентиль: 6%

0.00025

Низкий

5.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo