Buffer Overflow Vulnerability in mcba_usb Driver for Linux Kernel
CVE-2025-39985
What is CVE-2025-39985?
A buffer overflow vulnerability exists in the mcba_usb driver of the Linux kernel that an attacker can trigger through an invalid MTU setting on the interface. With such an MTU in place, the attacker can use a PF_PACKET socket to bypass the CAN framework's protections and send oversized CAN XL frames. Because the driver processes these frames without correct length checks, they can overwrite critical memory areas, leading to potential system crashes or unauthorized code execution. The fix enforces proper handling of MTU settings in the driver, ensuring the interface's MTU cannot exceed the specified limits.
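The following audit check is an added example, not code from the advisory or from the kernel project. It reports interfaces bound to the mcba_usb driver whose MTU is above the classical CAN frame size, which is the misconfiguration described above. It assumes the standard Linux sysfs layout (`/sys/class/net/<iface>/mtu` and `device/driver`) and a classical CAN MTU of 16 bytes; the function name `audit_mcba_mtu` is hypothetical.

```shell
#!/bin/sh
# Added example: flag mcba_usb interfaces whose MTU exceeds the classical
# CAN MTU. Assumes the standard sysfs layout under /sys/class/net.

CAN_MTU=16   # sizeof(struct can_frame) for classical CAN

# audit_mcba_mtu [SYSFS_NET_DIR]
# Prints "<iface> <mtu>" for every offending interface.
# Returns 1 if at least one was found, 0 otherwise.
audit_mcba_mtu() {
    net_dir="${1:-/sys/class/net}"
    found=0
    for ifdir in "$net_dir"/*; do
        [ -d "$ifdir" ] || continue

        # Only interfaces backed by a device with a bound driver are relevant.
        drv_link="$ifdir/device/driver"
        [ -L "$drv_link" ] || continue
        drv=$(basename "$(readlink "$drv_link")")
        [ "$drv" = "mcba_usb" ] || continue

        # Read the MTU and skip anything that is not a plain number.
        mtu=$(cat "$ifdir/mtu" 2>/dev/null) || continue
        case "$mtu" in
            ''|*[!0-9]*) continue ;;
        esac

        if [ "$mtu" -gt "$CAN_MTU" ]; then
            echo "$(basename "$ifdir") $mtu"
            found=1
        fi
    done
    return "$found"
}
```

Call `audit_mcba_mtu` with no argument to inspect the running system. A reported interface means the kernel accepted an out-of-range MTU for this driver, so the host should be checked against the fixed commits listed under Affected Version(s).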

Affected Version(s)
Linux 51f3baad7de943780ce0c17bd7975df567dd6e14 < 0fa9303c4b9493727e0d3a6ac3729300e3013930
Linux 51f3baad7de943780ce0c17bd7975df567dd6e14 < 37aed407496bf6de8910e588edb04d2435fa7011
Linux 51f3baad7de943780ce0c17bd7975df567dd6e14 < 6eec67bfb25637f9b51e584cf59ddace59925bc8