Out-of-Bounds Write Vulnerability in Linux Kernel BPF Crypto Function
CVE-2025-39917

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39917?

A vulnerability in the Linux kernel's BPF crypto functionality can lead to out-of-bounds (OOB) writes due to improper size validation of destination dynamic pointers before engaging with the crypto backend. Specifically, in the bpf_crypto_crypt() function, there is a risk when the destination buffer is smaller than the source buffer, potentially allowing malicious exploitation under root privileges. This issue underscores the importance of proper buffer handling to maintain system security and integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 3e1c6f35409f9e447bf37f64840f5b65576bfb78 < 0126358df12d6f476f79251d9c398ac5c1b3062d

Linux 3e1c6f35409f9e447bf37f64840f5b65576bfb78

References

https://git.kernel.org/stable/c/0126358df12d6f476f79251d9...

https://git.kernel.org/stable/c/c4be24ef0510c146dca4671ef...

https://git.kernel.org/stable/c/f9bb6ffa7f5ad0f8ee0f53fc4...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Linux

What is CVE-2025-39917?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.