Buffer Allocation Flaw in Linux Kernel Affecting System Integrity
CVE-2025-39836
What is CVE-2025-39836?
A vulnerability has been identified in the EFI STMM subsystem of the Linux kernel, caused by an incorrect buffer allocation method. The communication buffer allocated by setup_mm_hdr() is passed to tee_shm_register_kernel_buf(), which requires contiguous page buffers. The buffer was allocated with kmalloc() rather than alloc_pages_exact(), which can lead to memory corruption and system instability. The flaw is acknowledged to date back to earlier commits and has now been corrected to enhance system stability and reliability.
Affected Version(s)
Linux c44b6be62e8dd4ee0a308c36a70620613e6fc55f < 77ff27ff0e4529a003c8a1c2492c111968c378d3
Linux c44b6be62e8dd4ee0a308c36a70620613e6fc55f < 630c0e6064daf84f17aad1a7d9ca76b562e3fe47
Linux c44b6be62e8dd4ee0a308c36a70620613e6fc55f
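
To check a kernel git tree against the commit ranges listed above, the following added example (not part of the advisory or of the kernel project) parses those lines and tests commit ancestry with `git merge-base --is-ancestor`. It assumes a full, non-shallow clone; the function names are hypothetical, and the third listed range has no fix commit on this page, so it contributes only its introducing commit.

```python
import re
import subprocess

# The page's "Affected Version(s)" lines, copied verbatim (the third has no upper bound).
AFFECTED = """\
Linux c44b6be62e8dd4ee0a308c36a70620613e6fc55f < 77ff27ff0e4529a003c8a1c2492c111968c378d3
Linux c44b6be62e8dd4ee0a308c36a70620613e6fc55f < 630c0e6064daf84f17aad1a7d9ca76b562e3fe47
Linux c44b6be62e8dd4ee0a308c36a70620613e6fc55f
"""

RANGE_RE = re.compile(r"^Linux\s+([0-9a-f]{40})(?:\s*<\s*([0-9a-f]{40}))?\s*$")


def parse_ranges(text):
    """Return (introduced, fixed_or_None) for every well-formed range line."""
    ranges = []
    for line in text.splitlines():
        m = RANGE_RE.match(line.strip())
        if m:
            ranges.append((m.group(1), m.group(2)))
    return ranges


def git_is_ancestor(commit, rev, repo="."):
    """True if `commit` is reachable from `rev` in the git tree at `repo`."""
    result = subprocess.run(
        ["git", "-C", repo, "merge-base", "--is-ancestor", commit, rev],
        capture_output=True,
    )
    # Exit 0 = ancestor, 1 = not an ancestor, other = commit unknown to this repo.
    return result.returncode == 0


def classify(rev, ranges, is_ancestor=git_is_ancestor):
    """Classify `rev` as 'not-affected', 'fixed' or 'affected'."""
    introduced = {intro for intro, _ in ranges}
    fixes = {fix for _, fix in ranges if fix}
    if not any(is_ancestor(c, rev) for c in introduced):
        return "not-affected"  # the kmalloc()-based allocation was never merged here
    if any(is_ancestor(c, rev) for c in fixes):
        return "fixed"         # one of the listed fix commits is reachable
    return "affected"          # may still carry a fix this page does not list


if __name__ == "__main__":
    print(classify("HEAD", parse_ranges(AFFECTED)))
```

Run it from inside the kernel source tree. Vendor kernels that backport fixes under different commit hashes will be reported as affected and need a manual check of setup_mm_hdr().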