CVE-2025-39902
- Source
- https://cve.org/CVERecord?id=CVE-2025-39902
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-39902.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-39902
- Downstream
- Related
- Published
- 2025-10-01T07:42:49.415Z
- Modified
- 2026-03-13T04:03:53.985333Z
- Summary
- mm/slub: avoid accessing metadata when pointer is invalid in object_err()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
mm/slub: avoid accessing metadata when pointer is invalid in object_err()
object_err() reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to access object metadata can lead to a crash since it does not point to a valid object.
One known path to the crash is when allocconsistencychecks() determines the pointer to the allocated object is invalid because of a freelist corruption, and calls object_err() to report it. The debug code should report and handle the corruption gracefully and not crash in the process.
In case the pointer is NULL or checkvalidpointer() returns false for the pointer, only print the pointer value and skip accessing metadata.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39902.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0ef7058b4dc6fcef622ac23b45225db57f17b83f
- https://git.kernel.org/stable/c/1f0797f17927b5cad0fb7eced422f9a7c30a3191
- https://git.kernel.org/stable/c/3baa1da473e6e50281324ff1d332d1a07a3bb02e
- https://git.kernel.org/stable/c/7e287256904ee796c9477e3ec92b07f236481ef3
- https://git.kernel.org/stable/c/872f2c34ff232af1e65ad2df86d61163c8ffad42
- https://git.kernel.org/stable/c/b4efccec8d06ceb10a7d34d7b1c449c569d53770
- https://git.kernel.org/stable/c/dda6ec365ab04067adae40ef17015db447e90736
- https://git.kernel.org/stable/c/f66012909e7bf383fcdc5850709ed5716073fdc4
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39902.json
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://nvd.nist.gov/vuln/detail/CVE-2025-39902
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced81819f0fc8285a2a5a921c019e3e3d7b6169d225Fixed872f2c34ff232af1e65ad2df86d61163c8ffad42Fixedf66012909e7bf383fcdc5850709ed5716073fdc4Fixed7e287256904ee796c9477e3ec92b07f236481ef3Fixed1f0797f17927b5cad0fb7eced422f9a7c30a3191Fixed0ef7058b4dc6fcef622ac23b45225db57f17b83fFixeddda6ec365ab04067adae40ef17015db447e90736Fixed3baa1da473e6e50281324ff1d332d1a07a3bb02eFixedb4efccec8d06ceb10a7d34d7b1c449c569d53770