Integer Overflow Vulnerability in Linux Kernel dm-stripe Module
CVE-2025-39940

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 October 2025

What is CVE-2025-39940?

An integer overflow vulnerability exists in the Linux kernel's dm-stripe module, specifically within the stripe_io_hints function. When handling excessively large chunk sizes, an overflow may occur, potentially leading to improper setting of input/output limits and affecting system stability. It is crucial for users to apply the latest patches to mitigate any risks associated with this flaw.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1071d560afb4c245c2076494226df47db5a35708

References

https://git.kernel.org/stable/c/f8f64254bca5ae58f3b679441...

https://git.kernel.org/stable/c/ee27658c239b27721397f3e4e...

https://git.kernel.org/stable/c/1071d560afb4c245c20764942...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON