CVE-2025-39920

pcmcia: Add error handling for add_interval() in do_validate_mem()

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for add_interval() in do_validate_mem() In the do_validate_mem(), the call to add_interval() does not
handle errors. If kmalloc() fails in add_interval(), it could
result in a null pointer being inserted into the linked list,
leading to illegal memory access when sub_interval() is called
next. This patch adds an error handling for the add_interval(). If
add_interval() returns an error, the function will return early
with the error code.

In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for add_interval() in do_validate_mem() In the do_validate_mem(), the call to add_interval() does not handle errors. If kmalloc() fails in add_interval(), it could result in a null pointer being inserted into the linked list, leading to illegal memory access when sub_interval() is called next. This patch adds an error handling for the add_interval(). If add_interval() returns an error, the function will return early with the error code.

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-04-16 CVE Reserved
2025-10-01 CVE Published
2025-11-03 CVE Updated
2025-12-08 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/7b4884ca8853a638df0eb5d251d80d67777b8b1a	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/5b60ed401b47897352c520bc724c85aa908dedcc	2025-09-09
https://git.kernel.org/stable/c/ae184024ef31423e5beb44cf4f52999bbcf2fe5b	2025-09-09
https://git.kernel.org/stable/c/85be7ef8c8e792a414940a38d94565dd48d2f236	2025-09-09
https://git.kernel.org/stable/c/06b26e3099207c94b3d1be8565aedc6edc4f0a60	2025-09-09
https://git.kernel.org/stable/c/8699358b6ac99b8ccc97ed9e6e3669ef8958ef7b	2025-09-09
https://git.kernel.org/stable/c/289b58f8ff3198d091074a751d6b8f6827726f3e	2025-09-09
https://git.kernel.org/stable/c/369bf6e241506583f4ee7593c53b92e5a9f271b4	2025-09-09
https://git.kernel.org/stable/c/4a81f78caa53e0633cf311ca1526377d9bff7479	2025-08-16

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 5.4.299 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 5.4.299"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 5.10.243 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 5.10.243"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 5.15.192 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 5.15.192"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 6.1.151 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 6.1.151"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 6.6.105 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 6.6.105"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 6.12.46 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 6.12.46"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 6.16.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 6.16.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.34 < 6.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.34 < 6.17"		en		Affected