Memory Allocation Bug in Linux Kernel's EDMA Driver Affects ARM Platforms
CVE-2025-39869

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 23 September 2025

What is CVE-2025-39869?

A critical issue has been identified in the Linux kernel related to the EDMA driver's memory allocation strategy. Specifically, the function 'edma_setup_from_hw()' improperly allocates memory for 'queue_priority_map'. This misallocation, where only 'sizeof(s8)' is used instead of the accurate size needed for a 2D array, results in out-of-bounds memory writes. This flaw has been observed to provoke kernel crashes, particularly evidenced as 'Oops - undefined instruction' errors on ARM architectures, such as the BeagleBoard-X15, during the EDMA driver probe. The suggested fix includes adjusting the memory allocation to utilize 'sizeof(*queue_priority_map)', ensuring correct memory sizing and enhancing system stability.

Affected Version(s)

Linux 2b6b3b7420190888793c49e97276e1e73bd7eaed < 5e462fa0dfdb52b3983cf41532d3d4c7d63e2f93

Linux 2b6b3b7420190888793c49e97276e1e73bd7eaed < 1baed10553fc8b388351d8fc803e3ae6f1a863bc

Linux 2b6b3b7420190888793c49e97276e1e73bd7eaed < 069fd1688c57c0cc8a3de64d108579b31676f74b

References

https://git.kernel.org/stable/c/5e462fa0dfdb52b3983cf4153...

https://git.kernel.org/stable/c/1baed10553fc8b388351d8fc8...

https://git.kernel.org/stable/c/069fd1688c57c0cc8a3de64d1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2025
Vulnerability Reserved
Apr 16, 2025

JSON