CVE-2025-39898 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

e1000e: fix heap overflow in e1000_set_eeprom

Fix a possible heap overflow in e1000_set_eeprom function by adding
input validation for the requested length of the change in the EEPROM.
In addition, change the variable type from int to size_t for better
code practices and rearrange declarations to RCT.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0aec3211283482cfcdd606d1345e1f9acbcabd31
https://git.kernel.org/stable/c/50a84d5c814039ad2abe2748aec3e89324a548a7
https://git.kernel.org/stable/c/90fb7db49c6dbac961c6b8ebfd741141ffbc8545
https://git.kernel.org/stable/c/99a8772611e2d7ec318be7f0f072037914a1f509
https://git.kernel.org/stable/c/b370f7b1f470a8d5485cc1e40e8ff663bb55d712
https://git.kernel.org/stable/c/b48adcacc34fbbc49046a7ee8a97839bef369c85
https://git.kernel.org/stable/c/ce8829d3d44b8622741bccca9f4408bc3da30b2b
https://git.kernel.org/stable/c/ea832ec0583e2398ea0c5ed8d902c923e16f53c4

History

Wed, 01 Oct 2025 07:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: e1000e: fix heap overflow in e1000_set_eeprom Fix a possible heap overflow in e1000_set_eeprom function by adding input validation for the requested length of the change in the EEPROM. In addition, change the variable type from int to size_t for better code practices and rearrange declarations to RCT.
Title		e1000e: fix heap overflow in e1000_set_eeprom
References		https://git.kernel.org/stable/c/0aec3211283482cfcdd606d1345e1f9acbcabd31 https://git.kernel.org/stable/c/50a84d5c814039ad2abe2748aec3e89324a548a7 https://git.kernel.org/stable/c/90fb7db49c6dbac961c6b8ebfd741141ffbc8545 https://git.kernel.org/stable/c/99a8772611e2d7ec318be7f0f072037914a1f509 https://git.kernel.org/stable/c/b370f7b1f470a8d5485cc1e40e8ff663bb55d712 https://git.kernel.org/stable/c/b48adcacc34fbbc49046a7ee8a97839bef369c85 https://git.kernel.org/stable/c/ce8829d3d44b8622741bccca9f4408bc3da30b2b https://git.kernel.org/stable/c/ea832ec0583e2398ea0c5ed8d902c923e16f53c4

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T07:42:46.360Z

Updated: 2025-10-01T07:42:46.360Z

Reserved: 2025-04-16T07:20:57.146Z

Link: CVE-2025-39898

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-01T08:15:32.483

Modified: 2025-10-01T08:15:32.483

Link: CVE-2025-39898

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object