PT-2025-37244 · Linux+6 · Linux Kernel+6

Published

2025-08-22

Updated

2026-05-26

CVE-2025-39787

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The Linux kernel contains a flaw within the Qualcomm MDT loader used in remoteproc. Insufficient validation of the firmware buffer size can lead to reading past the end of the ELF header during iteration, and improper validation of e phentsize and e shentsize can cause issues with step size assumptions during traversal.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

AZL-67211

AZL-74682

BDU:2025-15226

CVE-2025-39787

DLA-4327-1

DLA-4328-1

DSA-6008-1

DSA-6009-1

ECHO-D96D-A863-27A1

OESA-2025-2532

OESA-2025-2536

OESA-2025-2537

OPENSUSE-SU-2025:20081-1

SUSE-SU-2025:03600-1

SUSE-SU-2025:03601-1

SUSE-SU-2025:03614-1

SUSE-SU-2025:03633-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:21074-1

SUSE-SU-2025:21139-1

SUSE-SU-2025:21179-1

SUSE-SU-2025:3725-1

SUSE-SU-2025:3751-1

USN-7909-1

USN-7909-2

USN-7909-3

USN-7909-4

USN-7909-5

USN-7910-1

USN-7910-2

USN-7933-1

USN-7938-1

USN-8028-1

USN-8028-2

USN-8028-3

USN-8028-4

USN-8028-5

USN-8028-6

USN-8028-7

USN-8028-8

USN-8031-1

USN-8031-2

USN-8031-3

USN-8052-1

USN-8052-2

USN-8074-1

USN-8074-2

USN-8126-1

Affected Products

Debian

Linuxmint

Linux Kernel

Qualcomm Mdt

Red Os

Suse

Ubuntu

PT-2025-37244 · Linux+6 · Linux Kernel+6

CVE-2025-39787

Weakness Enumeration

Related Identifiers

Affected Products

References · 3278