Out-of-Bounds Read Vulnerability in Linux Kernel by Linux Foundation
CVE-2025-39840

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 19 September 2025

What is CVE-2025-39840?

A vulnerability has been identified in the Linux kernel where an out-of-bounds read occurs during the audit comparison of directory names. Specifically, this issue arises when a filesystem notification event (fsnotify) is triggered for a single-character name directly under the root directory, such as creating '/a'. The underlying cause is a flaw in the audit_compare_dname_path() function, which fails to adequately check the length of the path, allowing the code to dereference invalid memory. To address this vulnerability, a condition has been implemented in the while loop to ensure that path length is greater than zero, thus preventing such unsafe memory access.
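
The effect of the added length condition can be checked with a small user-space model. This is an added example, not kernel source and not code from the original page; it reports the out-of-bounds index instead of reading it. Assumptions: `trimmed_len()` and its parameters are hypothetical names, the sample paths are constructed, and the zero-length case is taken to arise when the parent-directory part covers the whole path (a watch on `/`).

```c
#include <stdio.h>
#include <string.h>

/*
 * User-space model (hypothetical, not kernel code) of a loop that trims
 * trailing slashes from the last component of a path.
 *   path      : full path being compared (constructed sample input)
 *   parentlen : leading bytes that belong to the parent directory
 *   guarded   : 1 = loop also requires "length > 0", 0 = it does not
 * Returns the trimmed length of the last component, or -1 if the loop
 * would inspect a byte before the start of path. That read is only
 * reported here, never performed.
 */
static int trimmed_len(const char *path, int parentlen, int guarded)
{
    int len = (int)strlen(path) - parentlen;   /* can legitimately be 0 */

    for (;;) {
        if (guarded && len <= 0)
            break;                             /* the added condition */
        /* offset, from the start of path, of the byte about to be read */
        long idx = (long)parentlen + len - 1;
        if (idx < 0)
            return -1;                         /* out-of-bounds read */
        if (path[idx] != '/')
            break;
        len--;
    }
    return len;
}

int main(void)
{
    /* Constructed cases: path and length of its parent part. */
    struct { const char *path; int parentlen; } cases[] = {
        { "/tmp/dir//", 5 },   /* ordinary trailing slashes */
        { "/a", 1 },           /* one-character name under the root */
        { "/", 1 },            /* parent part covers the whole path */
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("%-12s unguarded=%d guarded=%d\n", cases[i].path,
               trimmed_len(cases[i].path, cases[i].parentlen, 0),
               trimmed_len(cases[i].path, cases[i].parentlen, 1));
    return 0;
}
```

For `/` with a one-byte parent part, the unguarded loop first sees the leading slash at offset 0, decrements the length below zero, and only then steps outside the buffer; the guarded loop stops immediately with length 0.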

Affected Version(s)

Linux e92eebb0d6116f942ab25dfb1a41905aa59472a8 < 9735a9dcc307427e7d6336c54171682f1bac9789

Linux e92eebb0d6116f942ab25dfb1a41905aa59472a8 < 4540f1d23e7f387880ce46d11b5cd3f27248bf8d

Linux 6.14

Timeline

  • Vulnerability published

  • Vulnerability Reserved
