CVE-2025-39727

Summary

In the Linux kernel, the following vulnerability has been resolved:

mm: swap: fix potential buffer overflow in setup_clusters()

In setup_swap_map(), we only ensure badpages are in range (0, last_page]. As maxpages might be < last_page, setup_clusters() will encounter a buffer overflow when a badpage is >= maxpages.

Only call inc_cluster_info_page() for badpage which is < maxpages to fix the issue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb843786b0bd01ced7fcdbf3b033d68db2f7c61b2 < 91b370800b3f2b3dda244c0ab06719c4971190a5affected
LinuxLinuxb843786b0bd01ced7fcdbf3b033d68db2f7c61b2 < 9b01ada580ee84fb319e7ecb5fb5b1f54a9eb799affected
LinuxLinuxb843786b0bd01ced7fcdbf3b033d68db2f7c61b2 < 815c528b13f2bb9b3130c13bedeabf2351a68129affected
LinuxLinuxb843786b0bd01ced7fcdbf3b033d68db2f7c61b2 < 152c1339dc13ad46f1b136e8693de15980750835affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.42 <= 6.12.*unaffected
LinuxLinux6.15.10 <= 6.15.*unaffected
LinuxLinux6.16.1 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References