PT-2025-17279 · Linux+7 · Linux Kernel+7
Published
2025-02-13
·
Updated
2026-04-20
·
CVE-2025-39735
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A slab-out-of-bounds read issue has been identified in the Linux kernel, specifically in the
ea get() function. The problem arises when the extended attribute list size exceeds INT MAX, causing an integer overflow. This leads to a corrupted size variable being passed to print hex dump(), resulting in an out-of-bounds access. The issue occurs due to the lack of validation for EALIST SIZE(ea buf->xattr) before its utilization.Recommendations
To resolve this issue, validate
EALIST SIZE(ea buf->xattr) before it is utilized to prevent the integer overflow and subsequent out-of-bounds access. As a temporary workaround, consider restricting access to the ea get() function until a patch is available.Exploit
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu