Linux Kernel Vulnerability in Intel QuickI2C ACPI Methods
CVE-2025-39809

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-39809?

A vulnerability within the Intel QuickI2C ACPI methods in the Linux kernel can lead to stack out-of-bounds issues, resulting in kernel crashes. This occurs when the methods return ICRS and ISUB data with incorrect lengths, causing buffer overflows that may compromise system stability. Affected systems should be patched to mitigate the risks associated with this bug, which can lead to unpredictable behavior and potential data loss.

Affected Version(s)

Linux 5282e45ccbfa91524944a32d40386c54fdd4d145 < 4adce86d4b13d15dec7810967839b931b1598700

Linux 5282e45ccbfa91524944a32d40386c54fdd4d145 < 1db9df89a213318a48d958385dc1b17b379dc32b

Linux 6.14

References

https://git.kernel.org/stable/c/4adce86d4b13d15dec7810967...

https://git.kernel.org/stable/c/1db9df89a213318a48d958385...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Apr 16, 2025