Improper Algorithm Validation in Linux Kernel Affects System Integrity
CVE-2025-39924

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39924?

This vulnerability in the Linux kernel pertains to an inadequate validation of algorithms utilized for encoded extents. It arises from the existing algorithm checks failing to appropriately account for newly encoded extents. To address this, the algorithm check needs to be aligned with Z_EROFS_COMPRESSION(_RUNTIME)_MAX, ensuring a consistent application with sbi->available_compr_algs. Without this critical adjustment, the system's integrity can be compromised, leading to potential security risks.

Affected Version(s)

Linux 1d191b4ca51d73699cb127386b95ac152af2b930

Linux 1d191b4ca51d73699cb127386b95ac152af2b930 < 131897c65e2b86cf14bec7379f44aa8fbb407526

Linux 6.15

References

https://git.kernel.org/stable/c/db5d7abd379a8dcf030be8f52...

https://git.kernel.org/stable/c/131897c65e2b86cf14bec7379...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON