Buffer Overflow Vulnerability in etas_es58x Driver for Linux Kernel
CVE-2025-39988

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 October 2025

What is CVE-2025-39988?

A vulnerability exists in the etas_es58x driver within the Linux kernel, where an attacker can exploit the mishandling of the MTU configuration. By sending a specially crafted PF_PACKET to the xmit() function, an attacker can bypass critical checks and cause a buffer overflow. This occurs due to an invalid MTU being set, allowing malicious CAN XL frames to be injected, which the driver then misinterprets, leading to potential memory corruption. To mitigate this issue, proper validation on the net_device_ops->ndo_change_mtu() function has been implemented to restrict the MTU settings to safe values based on the device's capabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8537257874e949a59c834cecfd5a063e11b64b0b < 72de0facc50afdb101fb7197d880407f1abfc77f

Linux 8537257874e949a59c834cecfd5a063e11b64b0b

Linux 8537257874e949a59c834cecfd5a063e11b64b0b

References

https://git.kernel.org/stable/c/72de0facc50afdb101fb7197d...
https://git.kernel.org/stable/c/c4e582e686c4d683c87f2b4a3...
https://git.kernel.org/stable/c/cbc1de71766f326a44bb798ae...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.