I2C Vulnerability in Realtek RTL9300 Chipset Affects Linux Kernel
CVE-2025-39928

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-39928?

A vulnerability in the Linux kernel affects the Realtek RTL9300 I2C communication. This issue arises when the data length is set to an unsupported value of 0, leading to unintended behaviors such as an underflow in the register calculations. Specifically, the SMBus Quick Operation is compromised, enabling erroneous 16-byte transfers instead of the intended quick write operation. As a result, this can lead to severe repercussions including potential bricking of devices that lack write-protected EEPROM. Adding robust checks for data lengths is vital to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux c366be720235301fdadf67e6f1ea6ff32669c074

Linux c366be720235301fdadf67e6f1ea6ff32669c074 < 06418cb5a1a542a003fdb4ad8e76ea542d57cfba

Linux 6.13

References

https://git.kernel.org/stable/c/c91382328fc89f73144d5582f...

https://git.kernel.org/stable/c/06418cb5a1a542a003fdb4ad8...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Linux

What is CVE-2025-39928?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.