CVE-2025-39719

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the bno055 driver related to an out-of-bounds array access of the hw xlate array within the bno055 get regmask() function. The issue occurs because the code iterates over the length of the vals array instead of the hw xlate array. Although a match is typically found before the loop iterates beyond the bounds of the hw xlate array, a potential for out-of-bounds access exists. A new hw xlate len field has been added to the bno055 sysfs attr to ensure correct iteration length.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

AZL-67022

BDU:2025-15711

CVE-2025-39719

DLA-4328-1

DSA-6008-1

DSA-6009-1

ECHO-8BB4-B7AD-C1C8

MGASA-2025-0234

MGASA-2025-0235

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:03600-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2025-39719

Weakness Enumeration

Related Identifiers

Affected Products

References · 3352