CVE-2025-39795
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value.
However, by finding the chunk_sectors value in bytes, we may overflow the unsigned int which holds chunk_sectors, so change the check to be based on sectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 418751910044649baa2b424ea31cce3fc4dcc253 | affected |
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 8b3ce085b52e674290cbfdd07034e7653ffbe4dc | affected |
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 31f2f080898e50cbf2bae62d35f9f2a997547b38 | affected |
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 3b9d69f0e68aa6b0acd9791c45d445154a8c66e9 | affected |
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 46aa80ef49594ed7de685ecbc673b291e9a2c159 | affected |
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 5e276e6ff9aacf8901b9c3265c3cdd2568c9fff2 | affected |
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 14beeef4aafecc8a41de534e31fb5be94739392f | affected |
| Linux | Linux | 22ada802ede89829dd010a317d9b812b7df7111a < 448dfecc7ff807822ecd47a5c052acedca7d09e8 | affected |
| Linux | Linux | 5.10 | affected |
| Linux | Linux | 0 < 5.10 | unaffected |
| Linux | Linux | 5.10.241 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.190 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.149 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.103 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.43 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.11 <= 6.15.* | unaffected |
| Linux | Linux | 6.16.2 <= 6.16.* | unaffected |
| Linux | Linux | 6.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html
- https://cert-portal.siemens.com/productcert/html/ssa-032379.html
References
- https://git.kernel.org/stable/c/418751910044649baa2b424ea31cce3fc4dcc253
- https://git.kernel.org/stable/c/8b3ce085b52e674290cbfdd07034e7653ffbe4dc
- https://git.kernel.org/stable/c/31f2f080898e50cbf2bae62d35f9f2a997547b38
- https://git.kernel.org/stable/c/3b9d69f0e68aa6b0acd9791c45d445154a8c66e9
- https://git.kernel.org/stable/c/46aa80ef49594ed7de685ecbc673b291e9a2c159
- https://git.kernel.org/stable/c/5e276e6ff9aacf8901b9c3265c3cdd2568c9fff2
- https://git.kernel.org/stable/c/14beeef4aafecc8a41de534e31fb5be94739392f
- https://git.kernel.org/stable/c/448dfecc7ff807822ecd47a5c052acedca7d09e8
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.