Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-39795— block: avoid possible overflow for chunk_sectors check in blk_stack_limits()

EPSS 0.01% · P3

Affected Version Matrix 18

VendorProductVersion RangeStatus
LinuxLinux22ada802ede89829dd010a317d9b812b7df7111a< 418751910044649baa2b424ea31cce3fc4dcc253affected
22ada802ede89829dd010a317d9b812b7df7111a< 8b3ce085b52e674290cbfdd07034e7653ffbe4dcaffected
22ada802ede89829dd010a317d9b812b7df7111a< 31f2f080898e50cbf2bae62d35f9f2a997547b38affected
22ada802ede89829dd010a317d9b812b7df7111a< 3b9d69f0e68aa6b0acd9791c45d445154a8c66e9affected
22ada802ede89829dd010a317d9b812b7df7111a< 46aa80ef49594ed7de685ecbc673b291e9a2c159affected
22ada802ede89829dd010a317d9b812b7df7111a< 5e276e6ff9aacf8901b9c3265c3cdd2568c9fff2affected
22ada802ede89829dd010a317d9b812b7df7111a< 14beeef4aafecc8a41de534e31fb5be94739392faffected
22ada802ede89829dd010a317d9b812b7df7111a< 448dfecc7ff807822ecd47a5c052acedca7d09e8affected
… +10 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-39795

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value. However, by finding the chunk_sectors value in bytes, we may overflow the unsigned int which holds chunk_sectors, so change the check to be based on sectors.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于blk_stack_limits函数中可能发生整数溢出,可能导致安全检查失效。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 22ada802ede89829dd010a317d9b812b7df7111a ~ 418751910044649baa2b424ea31cce3fc4dcc253 -
LinuxLinux 5.10 -

II. Public POCs for CVE-2025-39795

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-39795

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-09-12 · 7 CVEs total

CVE-2025-39792dm: Always split write BIOs to zoned device limits
CVE-2025-39793io_uring/memmap: cast nr_pages to size_t before shifting
CVE-2025-39794ARM: tegra: Use I/O memcpy to write to IRAM
CVE-2025-39796net: lapbether: ignore ops-locked netdevs
CVE-2025-39797xfrm: Duplicate SPI Handling
CVE-2025-39798NFS: Fix the setting of capabilities when automounting a new filesystem

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-39795

No comments yet

Leave a comment