Stack Buffer Vulnerability in Linux Kernel Affecting RISC-V KVM
CVE-2025-39815

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-39815?

A vulnerability in the Linux Kernel's handling of stack buffers for RISC-V KVM has been identified, allowing userspace loads to potentially exceed the allocated buffer size of xlen bits. This flaw could lead to stack overrun, compromising the integrity of the system. A fix has been implemented to perform size checks before loading data, preventing overflow and enhancing system stability.

Affected Version(s)

Linux 2fa290372dfe7dd248b1c16f943f273a3e674f22

Linux 2fa290372dfe7dd248b1c16f943f273a3e674f22 < 6d28659b692a0212f360f8bd8a58712b339f9aac

Linux 2fa290372dfe7dd248b1c16f943f273a3e674f22 < 799766208f09f95677a9ab111b93872d414fbad7

References

https://git.kernel.org/stable/c/c76bf8359188a11f8fd790e5b...

https://git.kernel.org/stable/c/6d28659b692a0212f360f8bd8...

https://git.kernel.org/stable/c/799766208f09f95677a9ab111...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Apr 16, 2025