CVE-2025-39920 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

pcmcia: Add error handling for add_interval() in do_validate_mem()

In the do_validate_mem(), the call to add_interval() does not
handle errors. If kmalloc() fails in add_interval(), it could
result in a null pointer being inserted into the linked list,
leading to illegal memory access when sub_interval() is called
next.

This patch adds an error handling for the add_interval(). If
add_interval() returns an error, the function will return early
with the error code.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/06b26e3099207c94b3d1be8565aedc6edc4f0a60
https://git.kernel.org/stable/c/289b58f8ff3198d091074a751d6b8f6827726f3e
https://git.kernel.org/stable/c/369bf6e241506583f4ee7593c53b92e5a9f271b4
https://git.kernel.org/stable/c/4a81f78caa53e0633cf311ca1526377d9bff7479
https://git.kernel.org/stable/c/5b60ed401b47897352c520bc724c85aa908dedcc
https://git.kernel.org/stable/c/85be7ef8c8e792a414940a38d94565dd48d2f236
https://git.kernel.org/stable/c/8699358b6ac99b8ccc97ed9e6e3669ef8958ef7b
https://git.kernel.org/stable/c/ae184024ef31423e5beb44cf4f52999bbcf2fe5b

History

Wed, 01 Oct 2025 08:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for add_interval() in do_validate_mem() In the do_validate_mem(), the call to add_interval() does not handle errors. If kmalloc() fails in add_interval(), it could result in a null pointer being inserted into the linked list, leading to illegal memory access when sub_interval() is called next. This patch adds an error handling for the add_interval(). If add_interval() returns an error, the function will return early with the error code.
Title		pcmcia: Add error handling for add_interval() in do_validate_mem()
References		https://git.kernel.org/stable/c/06b26e3099207c94b3d1be8565aedc6edc4f0a60 https://git.kernel.org/stable/c/289b58f8ff3198d091074a751d6b8f6827726f3e https://git.kernel.org/stable/c/369bf6e241506583f4ee7593c53b92e5a9f271b4 https://git.kernel.org/stable/c/4a81f78caa53e0633cf311ca1526377d9bff7479 https://git.kernel.org/stable/c/5b60ed401b47897352c520bc724c85aa908dedcc https://git.kernel.org/stable/c/85be7ef8c8e792a414940a38d94565dd48d2f236 https://git.kernel.org/stable/c/8699358b6ac99b8ccc97ed9e6e3669ef8958ef7b https://git.kernel.org/stable/c/ae184024ef31423e5beb44cf4f52999bbcf2fe5b

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T07:55:15.731Z

Updated: 2025-10-01T07:55:15.731Z

Reserved: 2025-04-16T07:20:57.147Z

Link: CVE-2025-39920

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-01T08:15:35.237

Modified: 2025-10-01T08:15:35.237

Link: CVE-2025-39920

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object