| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100120-CVE-2025-39920-5dbe@gregkh> Date: Wed, 1 Oct 2025 09:55:22 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-39920: pcmcia: Add error handling for add_interval() in do_validate_mem() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for add_interval() in do_validate_mem() In the do_validate_mem(), the call to add_interval() does not handle errors. If kmalloc() fails in add_interval(), it could result in a null pointer being inserted into the linked list, leading to illegal memory access when sub_interval() is called next. This patch adds an error handling for the add_interval(). If add_interval() returns an error, the function will return early with the error code. The Linux kernel CVE team has assigned CVE-2025-39920 to this issue. Affected and fixed versions =========================== Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 5.4.299 with commit 5b60ed401b47897352c520bc724c85aa908dedcc Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 5.10.243 with commit ae184024ef31423e5beb44cf4f52999bbcf2fe5b Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 5.15.192 with commit 85be7ef8c8e792a414940a38d94565dd48d2f236 Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 6.1.151 with commit 06b26e3099207c94b3d1be8565aedc6edc4f0a60 Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 6.6.105 with commit 8699358b6ac99b8ccc97ed9e6e3669ef8958ef7b Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 6.12.46 with commit 289b58f8ff3198d091074a751d6b8f6827726f3e Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 6.16.6 with commit 369bf6e241506583f4ee7593c53b92e5a9f271b4 Issue introduced in 2.6.34 with commit 7b4884ca8853a638df0eb5d251d80d67777b8b1a and fixed in 6.17 with commit 4a81f78caa53e0633cf311ca1526377d9bff7479 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-39920 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/pcmcia/rsrc_nonstatic.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/5b60ed401b47897352c520bc724c85aa908dedcc https://git.kernel.org/stable/c/ae184024ef31423e5beb44cf4f52999bbcf2fe5b https://git.kernel.org/stable/c/85be7ef8c8e792a414940a38d94565dd48d2f236 https://git.kernel.org/stable/c/06b26e3099207c94b3d1be8565aedc6edc4f0a60 https://git.kernel.org/stable/c/8699358b6ac99b8ccc97ed9e6e3669ef8958ef7b https://git.kernel.org/stable/c/289b58f8ff3198d091074a751d6b8f6827726f3e https://git.kernel.org/stable/c/369bf6e241506583f4ee7593c53b92e5a9f271b4 https://git.kernel.org/stable/c/4a81f78caa53e0633cf311ca1526377d9bff7479
Powered by blists - more mailing lists