In the Linux kernel, the following vulnerability has been resolved:

mm: swap: fix potential buffer overflow in setup_clusters()

In setup_swap_map(), we only ensure badpages are in range (0, last_page].
As maxpages might be < last_page, setup_clusters() will encounter a buffer
overflow when a badpage is >= maxpages.

Only call inc_cluster_info_page() for badpage which is < maxpages to fix
the issue.
History

Sun, 07 Sep 2025 15:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setup_clusters() In setup_swap_map(), we only ensure badpages are in range (0, last_page]. As maxpages might be < last_page, setup_clusters() will encounter a buffer overflow when a badpage is >= maxpages. Only call inc_cluster_info_page() for badpage which is < maxpages to fix the issue.
Title mm: swap: fix potential buffer overflow in setup_clusters()
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-09-07T15:16:17.986Z

Reserved: 2025-04-16T07:20:57.118Z

Link: CVE-2025-39727

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-09-07T16:15:46.023

Modified: 2025-09-07T16:15:46.023

Link: CVE-2025-39727

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.