Memory Management Vulnerability in Linux Kernel Affecting Metadata Access
CVE-2025-39902

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
1 October 2025

What is CVE-2025-39902?

A vulnerability has been identified in the Linux kernel related to the memory management component, specifically within the mm/slub subsystem. This issue arises when an invalid pointer is accessed in the object_err() function meant for debugging. If this pointer does not point to a valid object, it can lead to unexpected crashes. A known trigger for this crash occurs during calls to alloc_consistency_checks(), where a corrupted freelist leads to an invalid pointer being reported by object_err(). The resolution involves ensuring that any checks against pointer validity are strictly adhered to, allowing only valid accesses to metadata. Should a pointer be NULL or deemed invalid, the system should only log the pointer value without attempting to access the potentially corrupted metadata, thus enhancing overall system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 81819f0fc8285a2a5a921c019e3e3d7b6169d225 < 872f2c34ff232af1e65ad2df86d61163c8ffad42

Linux 81819f0fc8285a2a5a921c019e3e3d7b6169d225

Linux 81819f0fc8285a2a5a921c019e3e3d7b6169d225 < 7e287256904ee796c9477e3ec92b07f236481ef3

References

https://git.kernel.org/stable/c/872f2c34ff232af1e65ad2df8...
https://git.kernel.org/stable/c/f66012909e7bf383fcdc58507...
https://git.kernel.org/stable/c/7e287256904ee796c9477e3ec...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.