Linux Kernel Vulnerability in Block Device Management
CVE-2025-39795

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 12 September 2025

What is CVE-2025-39795?

A vulnerability exists in the Linux kernel's block device management in which handling the 'chunk_sectors' value in bytes may lead to an overflow. The function 'blk_stack_limits()' validates that 'chunk_sectors' is a multiple of 'physical_block_size'. Doing that validation on the 'chunk_sectors' value expressed in bytes may overflow the unsigned integer that stores 'chunk_sectors', so the validation logic has been corrected to operate on sector values instead. The change improves the stability and security of the kernel's handling of block devices.
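The following is an added example, not kernel code and not part of the original advisory: a user-space model of the arithmetic described above, showing where a byte conversion held in a 32-bit unsigned value wraps and how a sector-based multiple check avoids that intermediate value. It assumes 512-byte sectors and a 32-bit unsigned int; all function names and sample values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define SECTOR_SHIFT 9 /* assumption: 512-byte sectors */

/* Byte conversion held in 32 bits: wraps once chunk_sectors >= 2^23 (4 GiB). */
static uint32_t chunk_bytes_u32(uint32_t chunk_sectors)
{
    return chunk_sectors << SECTOR_SHIFT;
}

/* Reference conversion in 64 bits; cannot wrap for a 32-bit input. */
static uint64_t chunk_bytes_u64(uint32_t chunk_sectors)
{
    return (uint64_t)chunk_sectors << SECTOR_SHIFT;
}

/* Returns 1 when the 32-bit byte value no longer equals the real size. */
static int byte_conversion_wraps(uint32_t chunk_sectors)
{
    return chunk_bytes_u64(chunk_sectors) != chunk_bytes_u32(chunk_sectors);
}

/*
 * Sector-based multiple check: the block size is scaled down to sectors,
 * so chunk_sectors is never scaled up and nothing can wrap.
 * Returns 1 if misaligned, 0 if aligned, -1 if the block size is
 * smaller than one sector (guards the division).
 */
static int misaligned_in_sectors(uint32_t chunk_sectors,
                                 uint32_t physical_block_size)
{
    uint32_t pbs_sectors = physical_block_size >> SECTOR_SHIFT;

    if (pbs_sectors == 0)
        return -1;
    return (chunk_sectors % pbs_sectors) != 0;
}

int main(void)
{
    /* Constructed sample values around the 2^23-sector (4 GiB) boundary. */
    const uint32_t samples[] = { 256, (1u << 23) - 1, 1u << 23, (1u << 23) + 1 };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("sectors=%u bytes32=%u bytes64=%llu wraps=%d misaligned(4096)=%d\n",
               (unsigned)samples[i], (unsigned)chunk_bytes_u32(samples[i]),
               (unsigned long long)chunk_bytes_u64(samples[i]),
               byte_conversion_wraps(samples[i]),
               misaligned_in_sectors(samples[i], 4096));
    return 0;
}
```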

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 418751910044649baa2b424ea31cce3fc4dcc253

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8b3ce085b52e674290cbfdd07034e7653ffbe4dc

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 31f2f080898e50cbf2bae62d35f9f2a997547b38

Timeline

  • Vulnerability published

  • Vulnerability Reserved
