Linux Kernel Vulnerability in tee_shm_put Affects System Stability
CVE-2025-39865

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 19 September 2025

What is CVE-2025-39865?

A vulnerability in the Linux Kernel's memory management system was identified, specifically within the function tee_shm_put. A NULL pointer dereference occurred when invoked from the function tee_shm_free, leading to a potential system crash. This issue highlights the need for a validity check within tee_shm_put to prevent unsafe access and improve overall system reliability. The vulnerability arises when a pointer expected to reference a shared memory region returns NULL, triggering a crash upon dereference. Safeguarding against such scenarios is critical to maintain system performance and user experience.

Affected Version(s)

Linux c05d8f66ec3470e5212c4d08c46d6cb5738d600d

Linux 492eb7afe858d60408b2da09adc78540c4d16543 < 4377eac565c297fdfccd2f8e9bf94ee84ff6172f

Linux dfd0743f1d9ea76931510ed150334d571fbab49d < 25e315bc8ad363bd1194e49062f183ad4011957e

References

https://git.kernel.org/stable/c/f266188603c34e6e234fb0dfc...

https://git.kernel.org/stable/c/4377eac565c297fdfccd2f8e9...

https://git.kernel.org/stable/c/25e315bc8ad363bd1194e4906...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Apr 16, 2025