CVE-2025-39701

Summary

In the Linux kernel, the following vulnerability has been resolved:

ACPI: pfr_update: Fix the driver update version check

The security-version-number check should be used rather than the runtime version check for driver updates.

Otherwise, the firmware update would fail when the update binary had a lower runtime version number than the current one.

[ rjw: Changelog edits ]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0db89fa243e5edc5de38c88b369e4c3755c5fb74 < 79300ff532bccbbf654992c7c0863b49a6c3973caffected
LinuxLinux0db89fa243e5edc5de38c88b369e4c3755c5fb74 < cf0a88124e357bffda487cbf3cb612bb97eb97e4affected
LinuxLinux0db89fa243e5edc5de38c88b369e4c3755c5fb74 < b00219888c11519ef75d988fa8a780da68ff568eaffected
LinuxLinux0db89fa243e5edc5de38c88b369e4c3755c5fb74 < 908094681f645d3a78e18ef90561a97029e2df7baffected
LinuxLinux0db89fa243e5edc5de38c88b369e4c3755c5fb74 < 8151320c747efb22d30b035af989fed0d502176eaffected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.1.149 <= 6.1.*unaffected
LinuxLinux6.6.103 <= 6.6.*unaffected
LinuxLinux6.12.44 <= 6.12.*unaffected
LinuxLinux6.16.4 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

Additional References

References